Microsoft Internet Explorer Cross Domain Information Disclosure Vulnerability

Bugtraq ID:	31654
Class:	Origin Validation Error
CVE:	CVE-2008-3474
Remote:	Yes
Local:	No
Published:	Oct 14 2008 12:00AM
Updated:	Oct 24 2008 02:26PM
Credit:	Lee Dagon of Composica
Vulnerable:	Nortel Networks Self-Service Speech Server 0 Nortel Networks Self-Service Peri Workstation 0 Nortel Networks Self-Service Peri Application 0 Nortel Networks Peri Workstation 0 Nortel Networks Peri Application 0 Nortel Networks Media Processing Svr 500 Rel 3.0 Nortel Networks Media Processing Svr 1000 Rel 3.0 Nortel Networks Media Processing Svr 100 0 Nortel Networks Contact Center Manager Server 0 Nortel Networks Contact Center Express Nortel Networks Contact Center Administration 0 Nortel Networks CallPilot 703t Nortel Networks CallPilot 702t Nortel Networks CallPilot 201i Nortel Networks CallPilot 200i Nortel Networks CallPilot 1002rp Microsoft Internet Explorer 7.0 + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista Business + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Server - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows 2000 Terminal Services - Microsoft Windows 2000 Terminal Services - Microsoft Windows 98 - Microsoft Windows 98 - Microsoft Windows 98 - Microsoft Windows 98SE - Microsoft Windows 98SE - Microsoft Windows 98SE - Microsoft Windows ME - Microsoft Windows ME - Microsoft Windows ME - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Terminal Server 4.0 SP6a - Microsoft Windows NT Terminal Server 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition Itanium 0 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0 + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition Itanium 0 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0 + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows XP Home + Microsoft Windows XP Home + Microsoft Windows XP Home + Microsoft Windows XP Professional + Microsoft Windows XP Professional + Microsoft Windows XP Professional HP Storage Management Appliance 2.1 + HP Storage Management Appliance III + HP Storage Management Appliance II + HP Storage Management Appliance I

Not Vulnerable: