OVAL Reference oval:org.mitre.oval:def:221

Oval Definition:

oval:org.mitre.oval:def:221

Revision Date:	2008-12-08	Version:	43
Title:	Microsoft XML Core Services Vulnerability
Description:	The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2006-4685
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows XP	Product(s):	Microsoft XML Core Services
Definition Synopsis
AND Microsoft XML Core Services 3 is installed AND The version of Msxml3.dll is less than 8.70.1113.0. OR Microsoft XML Core Services 4 is installed AND The version of Msxml4.dll is less than 4.20.9839.0. OR Microsoft XML Core Services 5 is installed AND The version of Msxml5.dll is less than 5.10.2930.0. OR Microsoft XML Core Services 6 is installed AND The version of Msxml6.dll is less than 6.0.3888.0.