Skip to main content

Microsoft XML Core Services Multiple Vulnerabilities

Last Update Date: 9 Jan 2013 15:09 Release Date: 9 Jan 2013 5457 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS
  1. MSXML Integer Truncation Vulnerability
    A remote code execution vulnerability exists in the way that Microsoft Windows parses XML content. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
  2. MSXML XSLT Vulnerability
    A remote code execution vulnerability exists in the way that Microsoft Windows parses XML content. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Impact

  • Remote Code Execution

System / Technologies affected

  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8
  • Windows Server 2012
  • Windows RT
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Word Viewer
  • Microsoft Office Compatibility Pack
  • Microsoft XML Core Services 3.0
  • Microsoft XML Core Services 4.0
  • Microsoft XML Core Services 6.0

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link