Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft xml core services 5.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-2440
Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote malicious users to bypass the ASLR protection mechanism via a crafted web site, aka "MSXML Information Disclosure Vulnerability."
Microsoft Xml Core Services 6.0
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 5.0
4.3
CVSSv2
CVE-2015-2471
Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a...
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 5.0
Microsoft Xml Core Services 6.0
4.3
CVSSv2
CVE-2015-2434
Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a diffe...
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 5.0
9.3
CVSSv2
CVE-2007-2223
Microsoft XML Core Services (MSXML) 3.0 up to and including 6.0 allows remote malicious users to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 6.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 5.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-4033
Cross-domain vulnerability in Microsoft XML Core Services 3.0 up to and including 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote malicious users to obtain sensitive information from another domain and corrupt the session sta...
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 6.0
Microsoft Xml Core Services 5.0
1 EDB exploit
9.3
CVSSv2
CVE-2012-1889
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Xml Core Services 5.0
1 EDB exploit
6 Github repositories
1 Article
9.3
CVSSv2
CVE-2013-0007
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote malicious users to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Windows 7 -
Microsoft Windows 8 -
Microsoft Windows Server 2003
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Vista
Microsoft Windows Xp -
Microsoft Windows Rt -
Microsoft Windows Server 2008
Microsoft Windows Xp
Microsoft Xml Core Services 5.0
Microsoft Expression Web
Microsoft Expression Web 2
Microsoft Groove Server 2007
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Compatibility Pack
Microsoft Sharepoint Server 2007
9.3
CVSSv2
CVE-2013-0006
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote malicious users to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Windows 7 -
Microsoft Windows 8 -
Microsoft Windows Server 2003
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Vista
Microsoft Windows Xp -
Microsoft Windows Rt -
Microsoft Windows Server 2008
Microsoft Windows Xp
Microsoft Xml Core Services 5.0
Microsoft Expression Web
Microsoft Expression Web 2
Microsoft Groove Server 2007
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office Compatibility Pack
Microsoft Sharepoint Server 2007
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started