Configuration 1
     AND
          OR
               cpe:2.3:o:microsoft:windows-nt:xp:*:*:*:*:*:*:*
               cpe:2.3:o:microsoft:windows-nt:xp:*:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows-nt:xp:sp2:home:*:*:*:*:*
               cpe:2.3:o:microsoft:windows-nt:xp:sp3:home:*:*:*:*:*
               cpe:2.3:o:microsoft:windows-nt:xp:sp3:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:*:adv_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:*:datacenter_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:*:srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:gold:adv_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:gold:datacenter_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:gold:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:gold:srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp1:adv_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp1:datacenter_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp1:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp1:srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp2:adv_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp2:datacenter_srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp2:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2000:*:sp2:srv:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:*:datacenter:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:*:enterprise:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:*:std:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:*:wed:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:gold:datacenter:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:gold:enterprise:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:gold:std:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_2003_server:*:gold:wed:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:*:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:gold:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:sp1:pro:*:*:*:*:*
               cpe:2.3:o:microsoft:windows_xp:*:sp2:pro:*:*:*:*:*
          OR
               *cpe:2.3:a:microsoft:ie:6.0:*:*:*:*:*:*:*
               *cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
               *cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*

Configuration 1
     OR
          *cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
          *cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
          *cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

CWE-284

http://blogs.zdnet.com/security/?p=1348 No Types Assigned

http://blogs.zdnet.com/security/?p=1348 Press/Media Coverage

http://marc.info/?l=bugtraq&m=122479227205998&w=2 No Types Assigned

http://marc.info/?l=bugtraq&m=122479227205998&w=2 Mailing List

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5901 No Types Assigned

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5901 Not Applicable

http://secunia.com/advisories/30857 Vendor Advisory

http://secunia.com/advisories/30857 Permissions Required, Vendor Advisory

http://www.kb.cert.org/vuls/id/923508 US Government Resource

http://www.kb.cert.org/vuls/id/923508 Third Party Advisory, US Government Resource

http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx No Types Assigned

http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx Mitigation, Vendor Advisory, Patch

http://www.securityfocus.com/bid/29960 No Types Assigned

http://www.securityfocus.com/bid/29960 Third Party Advisory, VDB Entry

http://www.securitytracker.com/id?1020382 No Types Assigned

http://www.securitytracker.com/id?1020382 Third Party Advisory, VDB Entry

http://www.us-cert.gov/cas/techalerts/TA08-288A.html US Government Resource

http://www.us-cert.gov/cas/techalerts/TA08-288A.html Third Party Advisory, US Government Resource

http://www.vupen.com/english/advisories/2008/1940/references No Types Assigned

http://www.vupen.com/english/advisories/2008/1940/references Broken Link

http://www.vupen.com/english/advisories/2008/2809 No Types Assigned

http://www.vupen.com/english/advisories/2008/2809 Broken Link

http://xforce.iss.net/xforce/xfdb/43366 No Types Assigned

http://xforce.iss.net/xforce/xfdb/43366 Third Party Advisory, VDB Entry

http://xforce.iss.net/xforce/xfdb/45565 No Types Assigned

http://xforce.iss.net/xforce/xfdb/45565 Third Party Advisory, VDB Entry