ie8 fix
Click Here

Microsoft XML 3.0 Core Services Vulnerability Patch

Publisher's Description

From Microsoft:

Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources.

A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.

Click Here!
Internet Security
100 Million Trust AVG. Free Download.
Download Now

More Popular Corporate Security Software downloads

  1. Folder Guard

    1,657 downloads

  2. L0phtCrack Password Auditing & Recovery

    945 downloads

  3. USB Lock RP

    218 downloads

  4. USB Manager

    214 downloads

  5. Passware Kit Enterprise

    209 downloads

 
ACDSee Pro
Professionally designed and visually appealing photo software
Download Now
All User Reviews
  • Sort by:
  • See reviews for:

  • All versions:

    3.4 stars

    out of 10 votes

    • 5 star: 5
    • 4 star: 0
    • 3 star: 0
    • 2 star: 0
    • 1 star: 4

  • Current version:

    3.2 stars

    out of 9 votes

    • 5 star: 5
    • 4 star: 0
    • 3 star: 0
    • 2 star: 0
    • 1 star: 4

  • My rating:

    0 stars

    Write review

Results 1-7 of 7

Add Your Review

or Log in or create an account to post a review.
You are logged in as . Please submit your review for Microsoft XML 3.0 Core Services Vulnerability Patch MS02-008
Add Your Review

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

Submit your reply

Submit

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

cancel

E-mail this review

Submit cancel

Report offensive content

If you believe this comment is offensive or violates the CNET's Site Terms of Use, you can report it below (this will not automatically remove the comment). Once reported, our staff will be notified and the comment will be reviewed.

Select type of offense:

Offensive: Sexually explicit or offensive language
Spam: Advertisements or commercial links
Disruptive posting: Flaming or offending other users
Illegal activities: Promote cracked software, or other illegal content
Submit cancel

See more CNET content tagged:

Microsoft Corp.,
attacker,
control,
data source,
vulnerability
Click Here

Error

close

ERROR MESSAGE

If you think this is an error, please contact CNET TechTracker Support for further assistance.

Ok

Running Request

close

loading

Smart Install Software

close

CNET TechTracker will now automatically install software without requiring further action by you. (Note: This feature automatically accepts associated EULAs and third party applications on your behalf.)

You have selected the following software to Smart Install:

CNET TechTracker will attempt to install this software without interrupting you again. If an application requires manual installation, CNET TechTracker will download the installer and prompt you to take further action.

Proceed with Smart Install?

Confirm Standard Install Cancel

Submit a problem report for Microsoft XML 3.0 Core Services Vulnerability Patch

close

Please describe the problem you have with this software. This information will be sent to our editors for review.

Problem:

The CNET Installer isn't working as expected

The download link does not work

The software has a newer version

The software contains malware

Other

Description:

Please select a feedback type.

Please enter a description.

Submit Problem Report

Problem Report submitted

close

Thank you for submitting a problem report! The Download team is committed to providing you with accurate software information.

OK