Lucene search
K

4 matches found

CVE
CVE
added 2015/04/14 8:0 p.m.72 views

CVE-2015-1646

CVE-2015-1646 affects Microsoft XML Core Services (MSXML) 3.0. The vulnerability is a same-origin policy security bypass in MSXML3 that can allow remote attackers to obtain sensitive information via a crafted DTD. Multiple sources (NVD entry and vulnerability repositories) describe the issue and ...

4.3CVSS6.1AI score0.16975EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2015/04/14 12:0 a.m.3 views

Microsoft XML Core Services (MSXML) (MS15-039: CVE-2015-1646)

A security feature bypass vulnerability has been reported in Microsoft XML Core Services MSXML. The vulnerability is due to a flaw that allows external entities in XML documents to be expanded into different-origin web site contents or local file contents. A remote attacker can exploit this issue...

4.3CVSS6AI score0.16975EPSS
Exploits0
Symantec
Symantec
added 2015/04/14 12:0 a.m.39 views

Microsoft XML Core Services CVE-2015-1646 Same Origin Policy Security Bypass Vulnerability

Description Microsoft XML Core Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the same-origin policy and perform unauthorized actions. This could be used to steal sensitive information or launch other attacks. Technologies Affected Avaya CallPil...

4.3CVSS5.9AI score0.16975EPSS
Exploits0Affected Software11
Kaspersky
Kaspersky
added 2015/04/14 12:0 a.m.36 views

KLA10558 Obtain sensitive information vulnerability in MSXML

An unspecified vulnerability was found in Microsoft XML Core Services. By exploiting this vulnerability malicious users can bypass security restrictions or obtain sensitive information. This vulnerability can be exploited remotely via a specially designed DTD. Original advisories MS15-039...

4.3CVSS6.5AI score0.16975EPSS
Exploits0References5
Rows per page
Query Builder