Release date:
Updated on:
Affected Systems:
Microsoft Internet Explorer 6-11
Description:
--------------------------------------------------------------------------------
Bugtraq id: 65601
Microsoft XMLDOM ActiveX control is an ActiveX control running in IE.
Microsoft. some methods in the XMLDOM ActiveX Control have the information leakage vulnerability. Attackers can check Microsoft. the error code of the XMLDOM control. You can determine the local drive name, directory name, file, internal network address, and other information. This vulnerability affects IE 6-11.
<* Source: FireEye
Link: http://www.kb.cert.org/vuls/id/539289
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Microsoft
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.microsoft.com/windows/ie/default.asp