XML library vulnerable in Python - is VFP susceptible? - Level Extreme

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

XML library vulnerable in Python - is VFP susceptible?

Message

From

15/04/2014 18:27:01

Hank Fay
Berea, Kentucky, United States

To

15/04/2014 14:36:51

Brandon Harker
Sebae Data Solutions, Inc.
Florida, United States

General information

Forum:

Visual FoxPro

Category:

Coding, syntax & commands

Title:

Re: XML library vulnerable in Python - is VFP susceptible?

Environment versions

Visual FoxPro:

VFP 9 SP2

OS:

Windows Server 2012

Network:

Windows 2008 Server

Database:

Visual FoxPro

Application:

Desktop

Miscellaneous

Thread ID:

01598653

Message ID:

01598684

Views:

72

The files are protected; but I don't think that means the vulnerabilities are fixed. What's your read on this?

>>>Found this interesting XML attack against Python:
>>>https://pypi.python.org/pypi/defusedxml
>>>
>>>Curious if VFP's native XML functions have any vulnerabilities?
>>
>>VFP ships with MDAC 2.6. Any MDAC before 2.8 is subject to a host of vulnerabilities: http://technet.microsoft.com/en-us/security/bulletin/ms06-014
>>
>>Hank
>
>Out of curiosity I downloaded and installed the Microsoft Component Checker which will verify your MDAC version. When I ran the program it gave me this message:
>
>Component Checker is not supported on Windows Vista and later
>Windows OS's, since MDAC files are protected on these platforms.
>
>Wasn't sure if you knew this or not.

Click here to load this message in the networking platform