2 matches found
CVE-2014-1816
CVE-2014-1816 affects Microsoft XML Core Services (MSXML) 3.0 and 6.0. The vulnerability arises from MSXML’s improper restriction of information transmitted during Internet Explorer download actions, allowing an attacker to disclose full client pathname components and local usernames via a crafte...
MS14-033: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)
The remote host contains a version of Microsoft XML Core Services that is affected by an information disclosure vulnerability. An attacker could exploit this issue by convincing a user to visit a specially crafted website, allowing the attacker to read files on the local user's file system or the...