CVE-2002-0057 vulnerability in Microsoft Products
Published on March 8, 2002

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.

Vendor Advisory NVD

Products Associated with CVE-2002-0057

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft SQL Server

Microsoft Internet Explorer (IE)

Microsoft Xml Core Services

Microsoft Windows XP

Exploit Probability

EPSS

41.76%

Percentile

97.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2002-0057 vulnerability in Microsoft ProductsPublished on March 8, 2002

Products Associated with CVE-2002-0057

Exploit Probability

CVE-2002-0057 vulnerability in Microsoft Products
Published on March 8, 2002