Detections
Analytics
MS02-008: XML Core Services patch (318203)
medium Nessus Plugin ID 10866
Synopsis
Local files can be retrieved through the web client.Description
The remote host is running a version of Internet Explorer that could allow an attacker to read local files on the remote host.To exploit this flaw, an attacker would need to lure a victim on the remote system into visiting a rogue website.
Solution
Microsoft has released a set of patches for the Windows NT, 2000 and XP.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-008
Plugin Details
Severity: Medium
ID: 10866
File Name: smb_nt_ms02-008.nasl
Version: 1.39
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 2/24/2002
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.2
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N
Vulnerability Information
CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:xml_core_services
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Patch Publication Date: 2/21/2002
Vulnerability Publication Date: 12/15/2001
Reference Information
CVE: CVE-2002-0057
BID: 3699