Microsoft MSXML Integer Truncation Vulnerability (CVE-2013-0006)
危険度: 緊急
CVE識別番号: CVE-2013-0006,MS13-002
情報公開日: 7 21, 2015
概要
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1005323
Trend Micro Deep Security DPI Rule Name: 1005323 - Identified Suspicious Download Of XML File Over HTTP
影響を受けるソフトウェア
- microsoft expression_web
- microsoft expression_web 2
- microsoft groove_server 2007
- microsoft office 2003
- microsoft office 2007
- microsoft office_compatibility_pack
- microsoft sharepoint_server 2007
- microsoft windows_7 -
- microsoft windows_8 -
- microsoft windows_rt -
- microsoft windows_server_2003
- microsoft windows_server_2008
- microsoft windows_server_2008 -
- microsoft windows_server_2008 r2
- microsoft windows_server_2012 -
- microsoft windows_vista
- microsoft windows_xp
- microsoft windows_xp -
- microsoft word_viewer
- microsoft xml_core_services 3.0
- microsoft xml_core_services 4.0
- microsoft xml_core_services 5.0
- microsoft xml_core_services 6.0