Fedora Core 3 : mozilla-1.7.12-1.3.1 (2005-932)

Updated mozilla packages that fix several security bugs are now available for Fedora Core 3. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML...

Fedora Core 4 : mozilla-1.7.12-1.5.1 (2005-927)

Updated mozilla packages that fix several security bugs are now available for Fedora Core 4. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML...

galeon, mozilla security update

CentOS Errata and Security Advisory CESA-2005:789-01 Updated mozilla packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup...

firefox security update

CentOS Errata and Security Advisory CESA-2005:785 An updated firefox package that fixes several security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web...

Critical: Red Hat Security Advisory: firefox security update

An updated firefox package that fixes several security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox...

Microsoft Windows XMLHTTP component allows remote access to local data sources

Overview The Microsoft XMLHTTP ActiveX control allows unauthorized reading of any known file on a system. A victim must be enticed to visit a malicious site in order to be attacked. Description Description from MS02-008:Microsoft XML Core Services MSXML includes the XMLHTTP ActiveX control, which...

CVE-2002-0057

The CVE-2002-0057 issue affects the Microsoft XML Core Services XMLHTTP control (MSXML) in versions 2.6, 3.0, and 4.0 where IE security zone handling is applied to redirected data streams. The flaw allows a remote attacker to read arbitrary local files by specifying a local file as the XML Data S...

CVE-2002-0057

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source...

CVE-2002-0354

The CVE-2002-0354 issue concerns the XMLHttpRequest (XMLHTTP) object in Netscape 6.1 and Mozilla 0.9.7. It permits remote attackers to read arbitrary files and list directories on a client by directing the browser to a file via a URL redirect and then reading the result through responseText. This...

CVE-2002-0057

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source...

Security Bulletin MS02-008

---------------------------------------------------------------------- Title: XMLHTTP Control Can Allow Access to Local Files Date: 21 February 2002 Software: Microsoft XML Core Services Impact: Information disclosure Max Risk: Critical Bulletin: MS02-008 Microsoft encourages customers to review...

MSIE6 can read local files

Description There is a bug in the Microsoft.XMLHTTP component shipped with Internet Explorer 6 which allows reading and sending local files. This component doesn't handle http redirects to local files properly In order for this exploit to work the file name must be known. The exploit doesn't...

MSXML 4.0 SP2 Security Update (KB927978)

A vulnerability exists in the XMLHTTP ActiveX control within Microsoft XML Core Services that could allow for remote code execution...

MSXML 6.0 RTM Security Update (KB927977)

A vulnerability exists in the XMLHTTP ActiveX control within Microsoft XML Core Services that could allow for remote code execution...

Security Update, February 13, 2002 (MSXML 3.0)

This update resolves the "XMLHTTP Control Can Allow Access to Local Files" security vulnerability in Microsoft XML MSXML 3.0 and is discussed in Microsoft Security Bulletin MS02-006. Download now to help prevent a malicious user from reading the files on your computer when you visit a specially...

Security Update, February 13, 2002 (MSXML 4.0)

This update resolves the "XMLHTTP Control Can Allow Access to Local Files" security vulnerability in Microsoft XML MSXML 4.0 and is discussed in Microsoft Security Bulletin MS02-008. Download now to help prevent a malicious user from reading the files on your computer when you visit a specially...