Westpoint Security Advisory - SQLXML allows XML data to be transferred to and from SQL Server, returning database queries as XML. SQLXML has two vulnerabilities - a buffer overflow in the SQLXML ISAPI filter and a cross site scripting vulnerability. These bugs are discussed in MS02-030.
11b451a50a7794ab52be537a852add9ac09a0ab37b6dff3b1edbf49c061125b0