Lucene search
HistoryJun 25, 2002 - 4:00 a.m.
CVE-2002-0057
microsoft
xml
core services
xmlhttp
ie security zone
cve-2002-0057
nvd
6.4 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.028 Low
EPSS
Percentile
90.6%
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
Affected configurations
Node
microsoftinternet_explorerMatch6.0
ORmicrosoftsql_serverMatch2000
ORmicrosoftsql_serverMatch2000sp1
ORmicrosoftsql_serverMatch2000sp2
ORmicrosoftxml_core_servicesMatch2.6
ORmicrosoftxml_core_servicesMatch3.0
ORmicrosoftxml_core_servicesMatch4.0
Node
microsoftwindows_xphome
ORmicrosoftwindows_xpgoldprofessional
References
Social References
More
Related
cert
cert
nessus
nessus
MS02-008: XML Core Services patch (318203)
2002-02-24 00:00:00
MS02-005: MSIE 5.01 5.5 6.0 Cumulative Patch (890923)
2002-02-13 00:00:00
openvas
openvas
XML Core Services patch (Q318203)
2005-11-03 00:00:00
XML Core Services patch (Q318203)
2005-11-03 00:00:00
cvelist
cvelist
CVE-2002-0057
2002-06-25 04:00:00
nvd
nvd
CVE-2002-0057
2002-03-08 05:00:00
6.4 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.028 Low
EPSS
Percentile
90.6%
Related for CVE-2002-0057