oval:org.mitre.oval:def:5969

Definition Id: oval:org.mitre.oval:def:5969

Oval ID:	oval:org.mitre.oval:def:5969
Title:	Vulnerability in Content-Disposition Header Vulnerability
Description:	Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-4020	Version:	2
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	Microsoft Office XP
Definition Synopsis:
Microsoft Office XP is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cdo exists AND HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CDO exists AND HKEY_CLASSES_ROOT\PROTOCOLS\Handler\cdo exists

Definition Id: oval:org.mitre.oval:def:663

Oval ID:	oval:org.mitre.oval:def:663
Title:	Microsoft Office XP is installed
Description:	The application Microsoft Office XP is installed.
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:office:xp	Version:	11
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2	Product(s):
Definition Synopsis:
Microsoft Office XP OEM is installed AND Microsoft Office XP is installed
Referenced By:
oval:org.mitre.oval:def:5969