Описание
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-0006
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-002
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16429
- https://us-cert.cisa.gov/ics/advisories/icsa-20-315-01
- http://www.us-cert.gov/cas/techalerts/TA13-008A.html
Связанные уязвимости
CVSS3: 8.8
nvd
около 13 лет назад
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."