Download

Microsoft XML 2.0 Core Services Vulnerability Patch About

Microsoft XML 2.0 Core Services Vulnerability Patch Specifications
Version:
MS02-008
Date added:
Nov. 1, 2022
Date released:
Dec. 5, 2008
Price:
Free
Operating system:
Windows 2000, Windows NT, Windows,
Downloads last week:
29
Additional Requirements
Windows NT/2000

Microsoft XML 2.0 Core Services Vulnerability Patch vMS02-008

Get this add-in for Microsoft XML 2.0 Core Services Vulnerability

Microsoft XML 2.0 Core Services Vulnerability Patch Screenshots


Microsoft XML 2.0 Core Services Vulnerability Patch Editor's review

A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.


Download






Similar Suggested Software

Speed up your Web browsing while saving data, and unblock censored sites.

Protect your data with AES-256 encryption.

Fix a Windows flaw to stop a Web site or HTML e-mail from deleting digital certificates on your computer.

Protect your valuable information from being lost or stolen.

Eliminate a security vulnerability that could reveal protected logon credentials.

Control access to devices on a local computer and network protocols and prevent data leaks.