- Unauthorized access to XML documents through Internet Explorer -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com
Madrid, October 15, 2004 - The well-known researcher Georgi Guninski(*) has
reported a vulnerability in Microsoft Internet Explorer that could allow
remote access to the XML documents that the user of the affected computer
By exploiting this security flaw, an attacker could create malicious code in
an HTML page that, when downloaded by a user, would recover XML data from
arbitrary servers and send it to the attacker.
(*) The original security advisory is available at:http://www.guninski.com/where_do_you_want_...go_today_1.html
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
All the best