This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2006-10-10
Product Xml Core Services Last view 2015-08-14
Version 6.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:xml_core_services

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2015-08-14 CVE-2015-2471

Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2434.

4.3 2015-08-14 CVE-2015-2440

Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "MSXML Information Disclosure Vulnerability."

4.3 2014-06-11 CVE-2014-1816

Microsoft XML Core Services (aka MSXML) 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover (1) full pathnames on the client system and (2) local usernames embedded in these pathnames via a crafted web site, aka "MSXML Entity URI Vulnerability."

9.3 2013-01-09 CVE-2013-0007

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."

9.3 2013-01-09 CVE-2013-0006

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

9.3 2012-06-13 CVE-2012-1889

Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

4.3 2008-11-12 CVE-2008-4033

Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."

9.3 2007-08-14 CVE-2007-2223

Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.

7.5 2006-10-10 CVE-2006-4686

Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.

2.6 2006-10-10 CVE-2006-4685

The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.

CWE : Common Weakness Enumeration

%idName
22% (2) CWE-200 Information Exposure
22% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
11% (1) CWE-310 Cryptographic Issues
11% (1) CWE-264 Permissions, Privileges, and Access Controls
11% (1) CWE-190 Integer Overflow or Wraparound
11% (1) CWE-189 Numeric Errors
11% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')

SAINT Exploits

Description Link
Microsoft XML Core Services memory corruption More info here

Open Source Vulnerability Database (OSVDB)

id Description
50279 Microsoft XML Core Services HTTP Request Header Field Cross-domain Session St...
36394 Microsoft XML Core Services (MSXML) Multiple Object Handling Overflow
29426 Microsoft XML Core Services XSLT Processing Overflow
29425 Microsoft XML Core Services XMLHTTP ActiveX Control Server-side Redirect Info...

OpenVAS Exploits

id Description
2012-06-14 Name : Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
File : nvt/gb_ms_xml_core_services_code_exec_vuln.nasl
2011-01-14 Name : Microsoft XML Core Services Remote Code Execution Vulnerability (936227)
File : nvt/gb_ms07-042.nasl
2008-11-12 Name : Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
File : nvt/secpod_ms08-069_900058.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0098 Multiple Vulnerabilities in Microsoft XML Core Services (MS15-084)
Severity: Category II - VMSKEY: V0061289
2014-B-0075 Microsoft XML Core Services Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0052481
2013-A-0004 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category I - VMSKEY: V0036444
2008-A-0084 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category II - VMSKEY: V0017877

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-09-17 Microsoft XML core services cross-domain information disclosure attempt
RuleID : 51038 - Type : BROWSER-IE - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49932 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49931 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49930 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24 Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49929 - Type : BROWSER-PLUGINS - Revision : 1
2014-01-10 overly large XML file MSXML heap overflow attempt
RuleID : 28286 - Type : FILE-OTHER - Revision : 3
2014-01-10 Multiple exploit kit Payload detection - readme.dll
RuleID : 27898 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - calc.dll
RuleID : 27897 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - contacts.dll
RuleID : 27896 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - info.dll
RuleID : 27895 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Multiple exploit kit Payload detection - about.dll
RuleID : 27894 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Blackholev2/Darkleech exploit kit landing page request
RuleID : 27865-community - Type : EXPLOIT-KIT - Revision : 7
2014-01-10 Blackholev2/Darkleech exploit kit landing page request
RuleID : 27865 - Type : EXPLOIT-KIT - Revision : 7
2014-01-10 Gong Da exploit kit possible jar download
RuleID : 27706 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da exploit kit Java exploit requested
RuleID : 27705 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da exploit kit Java exploit requested
RuleID : 27704 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da exploit kit plugin detection
RuleID : 27703 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Gong Da exploit kit landing page
RuleID : 27702 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Gong Da Jar file download
RuleID : 27701 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 iFramer toolkit injected iframe detected - specific structure
RuleID : 27271 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 27072 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 Blackhole exploit kit landing page retrieval
RuleID : 27071 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 Blackholev2 exploit kit JNLP request
RuleID : 27070 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 Blackholev2 exploit kit landing page - specific structure
RuleID : 27067 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10 iFramer injection - specific structure
RuleID : 26617 - Type : EXPLOIT-KIT - Revision : 4

Nessus® Vulnerability Scanner

id Description
2015-08-11 Name: The remote host is affected by multiple information disclosure vulnerabilities.
File: smb_nt_ms15-084.nasl - Type: ACT_GATHER_INFO
2014-06-11 Name: The remote host is affected by an information disclosure vulnerability.
File: smb_nt_ms14-033.nasl - Type: ACT_GATHER_INFO
2013-01-09 Name: Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File: smb_nt_ms13-002.nasl - Type: ACT_GATHER_INFO
2012-07-11 Name: Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File: smb_nt_ms12-043.nasl - Type: ACT_GATHER_INFO
2008-11-12 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms08-069.nasl - Type: ACT_GATHER_INFO
2007-08-14 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms07-042.nasl - Type: ACT_GATHER_INFO
2006-10-10 Name: Arbitrary code can be executed on the remote host through the web or email cl...
File: smb_nt_ms06-061.nasl - Type: ACT_GATHER_INFO