Update Protection against Microsoft Office Content-Disposition Header Vulnerability (MS08-056)
| Check Point Reference: | CPAI-2008-151 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Microsoft Security Bulletin MS08-056 | |
| Industry Reference(s): | CVE-2008-4020 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Microsoft Office XP SP3 | ||
| Vulnerability Description A cross-site scripting vulnerability has been reported in Microsoft Office. Cross-site scripting (XSS) could enable an attacker to inject code into a user's session with a Web site. A remote attacker may exploit this vulnerability to gain access to a user’s session data, allowing information disclosure. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS08-056 |
|
|
Vulnerability Details The vulnerability is due to a flaw in the cdo:// protocol that does not respect the "content-disposition: attachment" header and always renders the content. A remote attacker may exploit this issue by convincing a user to enter a site that utilizes the problematic header. Successfully exploitation of this vulnerability could allow the attacker to inject a client side script in the user's browser. |
Protection Overview
By enabling this protection, SmartDefense will detect and block the vulnerable CDO URLs.
In order for the protection to be activated, update your VPN-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.