Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
Informations
Name MS13-002 First vendor Publication 2013-01-08
Vendor Microsoft Last vendor Modification 2013-12-16
Severity (Vendor) Version Revision 1.2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Critical
Revision Note: V1.2 (December 16, 2013): Revised bulletin to announce a detection change to correct an offering issue for Windows RT (2757638). This is a detection change only. There were no changes to the update files. Customers who have successfully installed the update do not need to take any action.
Summary: This security update resolves two privately reported vulnerabilities in Microsoft XML Core Services. The vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker's website.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS13-002

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-189 Numeric Errors (CWE/SANS Top 25)
50 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15458
 
Oval ID: oval:org.mitre.oval:def:15458
Title: MSXML XSLT Vulnerability - MS13-002
Description: Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-0007
Version: 9
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Expression Web
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Compatibility Pack
Microsoft Groove Server 2007
Microsoft SharePoint Server 2007
Microsoft Word Viewer
Microsoft XML Core Services 4.0
Microsoft XML Core Services 5.0
Microsoft XML Core Services 6.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16429
 
Oval ID: oval:org.mitre.oval:def:16429
Title: MSXML Integer Truncation Vulnerability - MS13-002
Description: Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2013-0006
Version: 9
Platform(s): Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
Product(s): Microsoft Expression Web
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Compatibility Pack
Microsoft Groove Server 2007
Microsoft SharePoint Server 2007
Microsoft Word Viewer
Microsoft XML Core Services 3.0
Microsoft XML Core Services 5.0
Microsoft XML Core Services 6.0
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 2
Application 3
Application 2
Application 2
Application 1
Application 4
Os 2
Os 1
Os 1
Os 1
Os 4
Os 1
Os 2
Os 2

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-01-10 IAVM : 2013-A-0004 - Multiple Vulnerabilities in Microsoft XML Core Services
Severity : Category I - VMSKEY : V0036444

Snort® IPS/IDS

Date Description
2014-01-10 overly large XML file MSXML heap overflow attempt
RuleID : 28286 - Revision : 3 - Type : FILE-OTHER
2014-01-10 MSXML dynamic pointer casting arbitrary code execution attempt
RuleID : 25275 - Revision : 2 - Type : FILE-OTHER
2014-01-10 overly large XML file MSXML heap overflow attempt
RuleID : 25270 - Revision : 6 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date Description
2013-01-09 Name : Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File : smb_nt_ms13-002.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Date Informations
2016-04-27 02:00:44
  • Multiple Updates
2014-05-06 11:35:06
  • Multiple Updates
2014-05-06 11:33:03
  • Multiple Updates
2014-04-19 00:26:06
  • Multiple Updates
2014-04-19 00:18:19
  • Multiple Updates
2014-04-18 21:28:35
  • Multiple Updates
2014-04-18 21:19:38
  • Multiple Updates
2014-04-18 17:26:21
  • Multiple Updates
2014-04-18 17:18:43
  • Multiple Updates
2014-04-18 13:29:51
  • Multiple Updates
2014-04-18 13:19:45
  • Multiple Updates
2014-04-18 09:27:07
  • Multiple Updates
2014-04-18 09:18:43
  • Multiple Updates
2014-04-18 05:28:00
  • Multiple Updates
2014-04-18 05:19:55
  • Multiple Updates
2014-04-18 00:26:19
  • Multiple Updates
2014-04-18 00:18:20
  • Multiple Updates
2014-04-17 21:25:57
  • Multiple Updates
2014-04-17 21:19:08
  • Multiple Updates
2014-04-17 17:26:35
  • Multiple Updates
2014-04-17 17:18:35
  • Multiple Updates
2014-04-17 13:29:29
  • Multiple Updates
2014-04-17 13:19:29
  • Multiple Updates
2014-04-17 09:07:50
  • Multiple Updates
2014-02-17 11:47:31
  • Multiple Updates
2014-01-19 21:30:55
  • Multiple Updates
2013-12-17 05:16:10
  • Multiple Updates
2013-11-11 12:41:31
  • Multiple Updates
2013-01-11 21:24:31
  • Multiple Updates
2013-01-10 17:23:09
  • Multiple Updates
2013-01-09 21:20:49
  • Multiple Updates
2013-01-09 05:19:47
  • Multiple Updates
2013-01-09 05:16:12
  • Multiple Updates
2013-01-08 21:22:37
  • Multiple Updates
2013-01-08 21:18:40
  • First insertion