Microsoft MSXML Integer Truncation Vulnerability (CVE-2013-0006)
Publish Date: 21 luglio 2015
Gravità: : Critico
Identificatori CVE: CVE-2013-0006,MS13-002
Data notifica: 21 luglio 2015
Descrizione
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1005323
Trend Micro Deep Security DPI Rule Name: 1005323 - Identified Suspicious Download Of XML File Over HTTP
Software e versione interessati:
- microsoft expression_web
- microsoft expression_web 2
- microsoft groove_server 2007
- microsoft office 2003
- microsoft office 2007
- microsoft office_compatibility_pack
- microsoft sharepoint_server 2007
- microsoft windows_7 -
- microsoft windows_8 -
- microsoft windows_rt -
- microsoft windows_server_2003
- microsoft windows_server_2008
- microsoft windows_server_2008 -
- microsoft windows_server_2008 r2
- microsoft windows_server_2012 -
- microsoft windows_vista
- microsoft windows_xp
- microsoft windows_xp -
- microsoft word_viewer
- microsoft xml_core_services 3.0
- microsoft xml_core_services 4.0
- microsoft xml_core_services 5.0
- microsoft xml_core_services 6.0