Microsoft Internet Explorer Disclosure of Sensitive XML Info

Georgi Guninski has reported that a two year old vulnerability has been reintroduced in Microsoft Internet Explorer and can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to insufficient cross-site restrictions when handling XML documents in some situations. This can be exploited on e.g. a malicious web site to view well-formed XML documents on arbitrary servers in the context of a user's session.

Solution:

  • Disable Active Scripting support.

  • Use another browser.
News source: Secunia

Previous Story
Creative Releases PCMCIA Based Audigy 2 ZS
Next Story
MySQL To Use Open-Source Microsoft Toolset