CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
98.0%
Microsoft XML Core Services (aka MSXML) 3.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted DTD, aka “MSXML3 Same Origin Policy SFB Vulnerability.”
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | xml_core_services | 3.0 | cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:* |