Microsoft » Xml Parser : Security Vulnerabilities, CVEs,
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.
Max CVSS
7.5
EPSS Score
39.99%
Published
2006-10-10
Updated
2018-10-17
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.
Max CVSS
2.6
EPSS Score
10.87%
Published
2006-10-10
Updated
2018-10-17
2 vulnerabilities found