MS02-008: XMLHTTP Control in MSXML 2.6 Can Allow Access to Local Files

For additional information about this vulnerability, click the following article numbers to view the articles in the Microsoft Knowledge Base: 317244 MS02-008: XMLHTTP Control in MSXML 4.0 Can Allow Access to Local Files318203 MS02-008: XMLHTTP Control in MSXML 3.0 Can Allow Access to Local...

Microsoft XMLHTTP Control Open Method Code Execution (MS06-071; CVE-2006-5745)

XML HTTP, an ActiveX control that is included in Microsoft XML Core Services MSXML, is vulnerable to remote code execution. MSXML is an application for processing Extensible Stylesheet Language Transformation in an XML file that allows programmers to create high-performance XML-based applications...

XML Core Services patch (Q318203)

XMLHTTP Control Can Allow Access to Local Files. A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and speci...

Microsoft Windows XMLHTTP component allows remote access to local data sources

Overview The Microsoft XMLHTTP ActiveX control allows unauthorized reading of any known file on a system. A victim must be enticed to visit a malicious site in order to be attacked. Description Description from MS02-008:Microsoft XML Core Services MSXML includes the XMLHTTP ActiveX control, which...

CVE-2002-0057

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source...

CVE-2002-0057

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source...

Security Bulletin MS02-008

---------------------------------------------------------------------- Title: XMLHTTP Control Can Allow Access to Local Files Date: 21 February 2002 Software: Microsoft XML Core Services Impact: Information disclosure Max Risk: Critical Bulletin: MS02-008 Microsoft encourages customers to review...

Security Update, February 13, 2002 (MSXML 4.0)

This update resolves the "XMLHTTP Control Can Allow Access to Local Files" security vulnerability in Microsoft XML MSXML 4.0 and is discussed in Microsoft Security Bulletin MS02-008. Download now to help prevent a malicious user from reading the files on your computer when you visit a specially...

Security Update, February 13, 2002 (MSXML 3.0)

This update resolves the "XMLHTTP Control Can Allow Access to Local Files" security vulnerability in Microsoft XML MSXML 3.0 and is discussed in Microsoft Security Bulletin MS02-006. Download now to help prevent a malicious user from reading the files on your computer when you visit a specially...