Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Xml Parser
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-4686 1 Microsoft 2 Xml Core Services, Xml Parser 2024-11-21 7.5 HIGH N/A
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.
CVE-2006-4685 1 Microsoft 2 Xml Core Services, Xml Parser 2024-11-21 2.6 LOW N/A
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.