CVE-2006-4685
Summary (CVE-2006-4685) The XMLHTTP ActiveX control in MSXML/MSXML Core Services (versions 2.6, 3.0–6.0) incorrectly handles server-side redirects, enabling remote, user-assisted access to content from other domains. This information-disclosure vulnerability can let an attacker read cookies or da...