Information Disclosure Vulnerability in Microsoft XML Core Services
CVE-2014-1816

Currently unrated

Key Information:

Vendor

Microsoft
Status
Xml Core Services
Vendor
CVE Published:
11 June 2014

What is CVE-2014-1816?

Microsoft XML Core Services versions 3.0 and 6.0 have a vulnerability that allows remote attackers to exploit a flaw in the download process used by Internet Explorer. This oversight permits the discovery of full pathnames of files on the client system as well as local usernames embedded within these pathnames. Attackers can use specially crafted websites to exploit this vulnerability, leading to unintentional information exposure for users.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securityfocus.com/bid/67895
vdb-entryx_refsource_BID
http://blogs.technet.com/b/srd/archive/2014/06/10/assessi...
x_refsource_CONFIRM

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.