NVD

Id
29167  
Name
CVE-2014-0266  
Description
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to bypass the Same Origin Policy via a web page that is visited in Internet Explorer, aka "MSXML Information Disclosure Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
7.1  
Severity
High  
CVSS Base Score
7.1  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:N/A:N)  
Pub Date
2017-01-19  
Published
2014-02-11  
Modified Date
2014-02-12  
Seq
2014-0266  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
154791 29167 CVE-2014-0266 MS14-005  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12486 JVNDB-2014-001361 複数の Microsoft Windows 製品における同一生成元ポリシーを回避される脆弱性 複数の Microsoft Windows 製品の XML Core Services 3.0 の XMLHTTP ActiveX コントロールには、同一生成元ポリシーを回避される脆弱性が存在します。 CVE-2014-0266 67667 CVE-2014-0266 29167 7.1 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001361.html 2014-02-11 2014-02-13 View