Microsoft: >> Xml Parser >> 2.6 Security Vulnerabilities
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.
CVSS Score
2.6
EPSS Score
0.554
Published
2006-10-10
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.
CVSS Score
7.5
EPSS Score
0.284
Published
2006-10-10