Gravità: : Critico
  Identificatori CVE: CVE-2013-0006,MS13-002
  Data notifica: 21 luglio 2015

  Descrizione

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

  Informazioni esposizione:

Apply associated Trend Micro DPI Rules.

  Soluzioni

  Trend Micro Deep Security DPI Rule Number: 1005323
  Trend Micro Deep Security DPI Rule Name: 1005323 - Identified Suspicious Download Of XML File Over HTTP

  Software e versione interessati:

  • microsoft expression_web
  • microsoft expression_web 2
  • microsoft groove_server 2007
  • microsoft office 2003
  • microsoft office 2007
  • microsoft office_compatibility_pack
  • microsoft sharepoint_server 2007
  • microsoft windows_7 -
  • microsoft windows_8 -
  • microsoft windows_rt -
  • microsoft windows_server_2003
  • microsoft windows_server_2008
  • microsoft windows_server_2008 -
  • microsoft windows_server_2008 r2
  • microsoft windows_server_2012 -
  • microsoft windows_vista
  • microsoft windows_xp
  • microsoft windows_xp -
  • microsoft word_viewer
  • microsoft xml_core_services 3.0
  • microsoft xml_core_services 4.0
  • microsoft xml_core_services 5.0
  • microsoft xml_core_services 6.0