Internet Explorer 4.0 and later allows remote malicious users to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.0.1 |
||
microsoft internet explorer 5.5 |
||
microsoft internet explorer 4.0 |
||
microsoft internet explorer 4.0.1 |
||
microsoft internet explorer 5.0 |
||
microsoft internet explorer 6.0 |