Microsoft XML Core Services Multiple Vulnerabilities
Last Update Date:
9 Jan 2013 15:09
Release Date:
9 Jan 2013
5457
Views
RISK: High Risk
TYPE: Operating Systems - Windows OS
- MSXML Integer Truncation Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Windows parses XML content. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user. - MSXML XSLT Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Windows parses XML content. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Impact
- Remote Code Execution
System / Technologies affected
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
- Windows 8
- Windows Server 2012
- Windows RT
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Word Viewer
- Microsoft Office Compatibility Pack
- Microsoft XML Core Services 3.0
- Microsoft XML Core Services 4.0
- Microsoft XML Core Services 6.0
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/ms13-002
Vulnerability Identifier
Source
Related Link
Share with