This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor : Microsoft - First view : 2007-08-14
Product : Xml Core Services - Last view : 2015-08-14
Version : 5.0 - Type : Application
Update : *
Edition : *
Language : *
Software Edition : *
Target Software : *
Target Hardware : *
Other : *

CPE Product : cpe:2.3:a:microsoft:xml_core_services

Activity : Overall

Related : CVE

CVSS Date Alert Description
4.3 2015-08-14 CVE-2015-2471

Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2434.

4.3 2015-08-14 CVE-2015-2440

Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "MSXML Information Disclosure Vulnerability."

4.3 2015-08-14 CVE-2015-2434

Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2471.

9.3 2013-01-09 CVE-2013-0007

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."

9.3 2013-01-09 CVE-2013-0006

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

9.3 2012-06-13 CVE-2012-1889

Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

4.3 2008-11-12 CVE-2008-4033

Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."

9.3 2007-08-14 CVE-2007-2223

Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.

CWE : Common Weakness Enumeration

% id Name
30% (3) CWE-200 Information Exposure
20% (2) CWE-310 Cryptographic Issues
20% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (1) CWE-190 Integer Overflow or Wraparound
10% (1) CWE-189 Numeric Errors
10% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')

SAINT Exploits

Description
Microsoft XML Core Services memory corruption

Open Source Vulnerability Database (OSVDB)

id Description
50279 Microsoft XML Core Services HTTP Request Header Field Cross-domain Session St...
36394 Microsoft XML Core Services (MSXML) Multiple Object Handling Overflow

OpenVAS Exploits

Date Description
2012-06-14 Name : Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
File : nvt/gb_ms_xml_core_services_code_exec_vuln.nasl
2011-01-14 Name : Microsoft XML Core Services Remote Code Execution Vulnerability (936227)
File : nvt/gb_ms07-042.nasl
2008-11-12 Name : Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
File : nvt/secpod_ms08-069_900058.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0098 Multiple Vulnerabilities in Microsoft XML Core Services (MS15-084)
Severity: Category II - VMSKEY: V0061289
2013-A-0004 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category I - VMSKEY: V0036444
2008-A-0084 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category II - VMSKEY: V0017877

Snort® IPS/IDS

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-09-17 Microsoft XML core services cross-domain information disclosure attempt
RuleID : 51038 - Type : BROWSER-IE - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49932 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49931 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49930 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49929 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10 overly large XML file MSXML heap overflow attempt
RuleID : 28286 - Type : FILE-OTHER - Revision : 3
2014-01-10 Multiple exploit kit Payload detection - readme.dll
RuleID : 27898 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - calc.dll
RuleID : 27897 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - contacts.dll
RuleID : 27896 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - info.dll
RuleID : 27895 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - about.dll
RuleID : 27894 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Blackholev2/Darkleech exploit kit landing page request
RuleID : 27865-community - Type : EXPLOIT-KIT - Revision : 7
2014-01-10 Blackholev2/Darkleech exploit kit landing page request
RuleID : 27865 - Type : EXPLOIT-KIT - Revision : 7
2014-01-10 Gong Da exploit kit possible jar download
RuleID : 27706 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da exploit kit Java exploit requested
RuleID : 27705 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da exploit kit Java exploit requested
RuleID : 27704 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da exploit kit plugin detection
RuleID : 27703 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Gong Da exploit kit landing page
RuleID : 27702 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da Jar file download
RuleID : 27701 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 iFramer toolkit injected iframe detected - specific structure
RuleID : 27271 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 27072 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 27071 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 Blackholev2 exploit kit JNLP request
RuleID : 27070 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Blackholev2 exploit kit landing page - specific structure
RuleID : 27067 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 iFramer injection - specific structure
RuleID : 26617 - Type : EXPLOIT-KIT - Revision : 4

Nessus® Vulnerability Scanner

Date Description
2015-08-11 Name: The remote host is affected by multiple information disclosure vulnerabilities.
File: smb_nt_ms15-084.nasl - Type: ACT_GATHER_INFO
2013-01-09 Name: Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File: smb_nt_ms13-002.nasl - Type: ACT_GATHER_INFO
2012-07-11 Name: Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File: smb_nt_ms12-043.nasl - Type: ACT_GATHER_INFO
2008-11-12 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms08-069.nasl - Type: ACT_GATHER_INFO
2007-08-14 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms07-042.nasl - Type: ACT_GATHER_INFO