XML Parser and Core Services upgrade

Question: Security scan detected obsolete software Microsoft XML Parser and Microsoft XML Core Services MSXML 4.0. Do we need & use XML for Xenmobile? Can we remove or update XML? Answer: This specific item is a very common scan error that likely does not have anything to do with XenMobile. In fa...

Microsoft XML Parser (MSXML) and XML Core Services Unsupported

The remote host contains one or more unsupported versions of the Microsoft XML Parser MSXML or XML Core Services. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. Note that support f...

CVE-2006-4686

Buffer overflow in the Extensible Stylesheet Language Transformations XSLT processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page...

CVE-2006-4685

Summary (CVE-2006-4685) The XMLHTTP ActiveX control in MSXML/MSXML Core Services (versions 2.6, 3.0–6.0) incorrectly handles server-side redirects, enabling remote, user-assisted access to content from other domains. This information-disclosure vulnerability can let an attacker read cookies or da...

CVE-2006-4686

CVE-2006-4686 is a Web-exploitable vulnerability in the XSLT processing of Microsoft XML Core Services (MSXML) 2.6 and MSXML Core Services 3.0–6.0 . The issue is a buffer overflow in the XSLT component that could allow a remote attacker to execute arbitrary code by convincing a user to view a cra...