CVE-2002-0057
Description
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
Related CPE's
Could not find any relations
References
Vendor Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:L/Au:N/C:P/I:N/A:N |
AccessVector | NETWORK |
AccessComplexity | LOW |
Authentication | NONE |
ConfidentialityImpact | PARTIAL |
IntegrityImpact | NONE |
AvailabilityImpact | NONE |
BaseScore | 5 |