Check your speedMicrosoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources.
A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.
Did you find this download useful?
21 out of 42 users found this download useful
People who downloaded this software also downloaded...
Active WebCam Deluxe 11.3
Broadcast MPEG-4 live video from your Webcam up to 30 frames per second.
FactotumNOW Web Checking and Replication 3.41
Allocate a staging area on your network and replicate the Web files from there onto your Web servers.
SurveilStar 3.1.1124
Record and manage the computer and Internet activities of your employees.
sQusi Tracking Plus 2.0.1.7
Stop cookies, scripts, and files from being planted on your computer.
Pop Up Blocker Pro 7.0.6a
Block spam and pop-ups and erase files generated by Web surfing.
Pop-Up Sentry Anti-Spyware 4.0.1008
Block spyware, pop-ups, Trojan horses, and other forms of advertising.
