VULHUB ™

Microsoft has announced that a vulnerability exists in Internet Explorer when handling malicious XML objects. The problem is said to occur due to Internet Explorer failing to validate a supplied path when binding local data to the XML document. As a result, a malicious HTML containing an embedded XML objects may be capable of exposing the contents of the local filesystem, despite the object being within the Internet or Intranet zone.

Microsoft has announced that a vulnerability exists in Internet Explorer when handling malicious XML objects. The problem is said to occur due to Internet Explorer failing to validate a supplied path when binding local data to the XML document. As a result, a malicious HTML containing an embedded XML objects may be capable of exposing the contents of the local filesystem, despite the object being within the Internet or Intranet zone.