Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft xml_core_services 3.0 |
||
microsoft xml_core_services 4.0 |
||
microsoft xml_core_services 6.0 |
||
microsoft xml_core_services 5.0 |
This month’s patch Tuesday brings a set of three “critical” bulletins focused on Windows/web browser component vulnerabilities and six other bulletins rated “important”. In other words, two of the critical components are considered “Windows” components, but most likely would be attacked through the web browser. Also, the top priority bulletin patches the CVE-2012-1889 vulnerability being exploited not only by attackers targeting high value targets, but common-off-the-shelf/commodit...