First published: Tue Oct 10 2006(Updated: )
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft XML Core Services | =3.0 | |
Microsoft XML Core Services | =4.0 | |
Microsoft XML Core Services | =6.0 | |
Microsoft XML Parser | =2.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.