XML library vulnerable in Python - is VFP susceptible? - Level Extreme

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

XML library vulnerable in Python - is VFP susceptible?

Message

From

15/04/2014 14:36:51

Brandon Harker
Sebae Data Solutions, Inc.
Florida, United States

To

15/04/2014 13:10:51

Hank Fay
Berea, Kentucky, United States

General information

Forum:

Visual FoxPro

Category:

Coding, syntax & commands

Title:

Re: XML library vulnerable in Python - is VFP susceptible?

Environment versions

Visual FoxPro:

VFP 9 SP2

OS:

Windows Server 2012

Network:

Windows 2008 Server

Database:

Visual FoxPro

Application:

Desktop

Miscellaneous

Thread ID:

01598653

Message ID:

01598667

Views:

62

>>Found this interesting XML attack against Python:
>>https://pypi.python.org/pypi/defusedxml
>>
>>Curious if VFP's native XML functions have any vulnerabilities?
>
>VFP ships with MDAC 2.6. Any MDAC before 2.8 is subject to a host of vulnerabilities: http://technet.microsoft.com/en-us/security/bulletin/ms06-014
>
>Hank

Out of curiosity I downloaded and installed the Microsoft Component Checker which will verify your MDAC version. When I ran the program it gave me this message:

Component Checker is not supported on Windows Vista and later
Windows OS's, since MDAC files are protected on these platforms.

Wasn't sure if you knew this or not.

Brandon Harker
Sebae Data Solutions

Click here to load this message in the networking platform