4 matches found
CVE-2015-1646
CVE-2015-1646 affects Microsoft XML Core Services (MSXML) 3.0. The vulnerability is a same-origin policy security bypass in MSXML3 that can allow remote attackers to obtain sensitive information via a crafted DTD. Multiple sources (NVD entry and vulnerability repositories) describe the issue and ...
Microsoft XML Core Services (MSXML) (MS15-039: CVE-2015-1646)
A security feature bypass vulnerability has been reported in Microsoft XML Core Services MSXML. The vulnerability is due to a flaw that allows external entities in XML documents to be expanded into different-origin web site contents or local file contents. A remote attacker can exploit this issue...
Microsoft XML Core Services CVE-2015-1646 Same Origin Policy Security Bypass Vulnerability
Description Microsoft XML Core Services is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the same-origin policy and perform unauthorized actions. This could be used to steal sensitive information or launch other attacks. Technologies Affected Avaya CallPil...
KLA10558 Obtain sensitive information vulnerability in MSXML
An unspecified vulnerability was found in Microsoft XML Core Services. By exploiting this vulnerability malicious users can bypass security restrictions or obtain sensitive information. This vulnerability can be exploited remotely via a specially designed DTD. Original advisories MS15-039...