Trend Micro Security

Microsoft MSXML Integer Truncation Vulnerability (CVE-2013-0006)

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2013-0006,MS13-002

  概要

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1005323
  Trend Micro Deep Security DPI Rule Name: 1005323 - Identified Suspicious Download Of XML File Over HTTP

  影響を受けるソフトウェア

  • microsoft expression_web
  • microsoft expression_web 2
  • microsoft groove_server 2007
  • microsoft office 2003
  • microsoft office 2007
  • microsoft office_compatibility_pack
  • microsoft sharepoint_server 2007
  • microsoft windows_7 -
  • microsoft windows_8 -
  • microsoft windows_rt -
  • microsoft windows_server_2003
  • microsoft windows_server_2008
  • microsoft windows_server_2008 -
  • microsoft windows_server_2008 r2
  • microsoft windows_server_2012 -
  • microsoft windows_vista
  • microsoft windows_xp
  • microsoft windows_xp -
  • microsoft word_viewer
  • microsoft xml_core_services 3.0
  • microsoft xml_core_services 4.0
  • microsoft xml_core_services 5.0
  • microsoft xml_core_services 6.0