Описание
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability."
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.61291
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability."
EPSS
Процентиль: 98%
0.61291
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94