Lucene search

K
cvelistMicrosoftCVELIST:CVE-2014-1816
HistoryJun 11, 2014 - 1:00 a.m.

CVE-2014-1816

2014-06-1101:00:00
microsoft
www.cve.org

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.6%

Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover (1) full pathnames on the client system and (2) local usernames embedded in these pathnames via a crafted web site, aka “MSXML Entity URI Vulnerability.”

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.6%