New Search

MSXML3 same origin policy SFB vulnerability - CVE-2015-1646 (MS15-039)

oval:org.mitre.oval:def:29009

Microsoft XML Core Services (aka MSXML) 3.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted DTD aka "MSXML3 Same Origin Policy SFB Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008 R2
Class:
vulnerability
Reference(s):
  • CVE-2015-1646
Product(s):
  • Microsoft XML Core Services 3.0