Vulnerabilities > Microsoft > XML Parser > 2.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-10 | CVE-2006-4686 | Buffer Overrun vulnerability in Microsoft XML Core Services and XML Parser Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page. | 7.5 |
2006-10-10 | CVE-2006-4685 | Information Disclosure vulnerability in Microsoft XML Core Services and XML Parser The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains. | 2.6 |