Lucene search
HistoryJun 13, 2012 - 4:46 a.m.
CVE-2012-1889
microsoft
xml
core services
vulnerability
memory corruption
remote code execution
cve-2012-1889
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.975 High
EPSS
Percentile
100.0%
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Affected configurations
Node
microsoftxml_core_servicesMatch3.0
ORmicrosoftxml_core_servicesMatch4.0
ORmicrosoftxml_core_servicesMatch6.0
microsoftwindows_7x64
ORmicrosoftwindows_7x86
ORmicrosoftwindows_7sp1x64
ORmicrosoftwindows_7sp1x86
ORmicrosoftwindows_7Match-
ORmicrosoftwindows_7Match-sp1x64
ORmicrosoftwindows_7Match-sp1x86
ORmicrosoftwindows_server_2003sp2
ORmicrosoftwindows_server_2008sp2itanium
ORmicrosoftwindows_server_2008sp2x64
ORmicrosoftwindows_server_2008sp2x86
ORmicrosoftwindows_server_2008Match-sp2itanium
ORmicrosoftwindows_server_2008Matchr2itanium
ORmicrosoftwindows_server_2008Matchr2x64
ORmicrosoftwindows_vistasp2
ORmicrosoftwindows_vistaMatch-sp2
ORmicrosoftwindows_xpsp3
ORmicrosoftwindows_xpMatch-sp2x64
Node
microsoftxml_core_servicesMatch5.0
microsoftofficeMatch2003sp3
ORmicrosoftofficeMatch2007sp2
ORmicrosoftofficeMatch2007sp3
References
Related
nessus
nessus
saint
saint
Microsoft XML Core Services memory corruption
2012-06-27 00:00:00
Microsoft XML Core Services memory corruption
2012-06-27 00:00:00
Microsoft XML Core Services memory corruption
2012-06-27 00:00:00
kitploit
kitploit
PwnStar - Script for multi attack (for all your fake-AP needs!)
2014-07-07 20:46:00
threatpost
threatpost
MSXML Exploit Surfaces in Black Hole Kit
2012-07-03 15:32:34
Large-Scale Water Holing Attack Campaigns Hitting Key Targets
2012-09-25 18:08:44
prion
prion
Memory corruption
2012-06-13 04:46:00
seebug
seebug
MSXMLζͺεε§εε
εη ΄εζΌζ΄ (MS12-043)
2012-07-11 00:00:00
Microsoft XML Core ServicesθΏη¨δ»£η ζ§θ‘ζΌζ΄
2012-06-13 00:00:00
openvas
openvas
Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
2012-06-14 00:00:00
Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
2012-06-14 00:00:00
checkpoint_advisories
checkpoint_advisories
cisa_kev
cisa_kev
Microsoft XML Core Services Memory Corruption Vulnerability
2022-06-08 00:00:00
canvas
canvas
Immunity Canvas: MS12_043
2012-06-13 04:46:00
packetstorm
packetstorm
Microsoft XML Core Services MSXML Uninitialized Memory Corruption
2012-06-16 00:00:00
mskb
mskb
attackerkb
attackerkb
thn
thn
Microsoft to patch three critical vulnerabilities on Tuesday
2012-07-06 13:30:00
Operation Aurora - Other Zero-Day Attacks targeting finance and Energy
2012-09-08 08:36:00
cvelist
cvelist
CVE-2012-1889
2012-06-13 01:00:00
symantec
symantec
cisa
cisa
Microsoft Releases Security Advisory for Microsoft XML Core Services
2012-06-13 00:00:00
nvd
nvd
CVE-2012-1889
2012-06-13 04:46:46
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2012-08-26 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.975 High
EPSS
Percentile
100.0%
Related for CVE-2012-1889