← CVECheck
HomeVulnerabilities

CVE-2002-0057 — MEDIUM severity vulnerability (XMLHTTP control in Microsoft XML Core Services 2.6 and later)

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.

CVE IDCVE-2002-0057
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-03-08
Last modified2026-04-16
DescriptionXMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →