Vulnerabilities: Microsoft SQLXML

SQLXML enables the transfer of XML data to and from SQL Server 2000. Two vulnerabilities exist in SQLXML:

"1. An unchecked buffer vulnerability in an ISAPI extension that could,in the worst case, allow an attacker to run code of their choice on the Microsoft Internet Information Services (IIS) Server.

2. A vulnerability in a function specifying an XML tag that could allow an attacker to run script on the user's computer with higher privilege. For example, a script might be able to be run in the Intranet Zone instead of the Internet Zone."

More information can be found here

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Microsoft

Show Comments