Lucene search
MicrosoftCVE-2013-0006HistoryJan 09, 2013 - 6:09 p.m.
CVE-2013-0006
2013-01-0918:09:40
CWE-189
microsoft
web.nvd.nist.gov
75
microsoft
xml core services
msxml
integer truncation
vulnerability
remote code execution
cve-2013-0006
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.947
Percentile
99.3%
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka βMSXML Integer Truncation Vulnerability.β
Affected configurations
Node
microsoftxml_core_servicesMatch3.0
ORmicrosoftxml_core_servicesMatch4.0
ORmicrosoftxml_core_servicesMatch6.0
microsoftwindows_7Match-
ORmicrosoftwindows_7Match-sp1x64
ORmicrosoftwindows_8Match--x64
ORmicrosoftwindows_server_2003sp2
ORmicrosoftwindows_server_2008Match-sp2itanium
ORmicrosoftwindows_server_2008Match-sp2x64
ORmicrosoftwindows_server_2008Matchr2-x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_vistasp2
ORmicrosoftwindows_xpMatch-sp2x64
Node
microsoftxml_core_servicesMatch4.0
ORmicrosoftxml_core_servicesMatch6.0
microsoftwindows_7Match-
ORmicrosoftwindows_rtMatch-
ORmicrosoftwindows_server_2003sp2
ORmicrosoftwindows_server_2008sp2x86
ORmicrosoftwindows_vistasp2
ORmicrosoftwindows_xpsp3
Node
microsoftxml_core_servicesMatch5.0
microsoftexpression_websp1
ORmicrosoftexpression_webMatch2
ORmicrosoftgroove_serverMatch2007sp2
ORmicrosoftgroove_serverMatch2007sp3
ORmicrosoftofficeMatch2003sp3
ORmicrosoftofficeMatch2007sp2
ORmicrosoftofficeMatch2007sp3
ORmicrosoftoffice_compatibility_packsp2
ORmicrosoftoffice_compatibility_packsp3
ORmicrosoftsharepoint_serverMatch2007sp2
ORmicrosoftsharepoint_serverMatch2007sp3
ORmicrosoftword_viewer
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | xml_core_services | 3.0 | cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:* |
| microsoft | xml_core_services | 4.0 | cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:* |
| microsoft | xml_core_services | 6.0 | cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:* |
| microsoft | windows_8 | - | cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64:*:*:*:*:* |
Related
symantec
symantec
prion
prion
Integer overflow
2013-01-09 18:09:00
nvd
nvd
CVE-2013-0006
2013-01-09 18:09:40
checkpoint_advisories
checkpoint_advisories
seebug
seebug
Microsoft XML Core Servicesζ΄ζ°ζͺζζΌζ΄οΌMS13-002)
2013-01-09 00:00:00
cvelist
cvelist
CVE-2013-0006
2013-01-09 18:00:00
ics
ics
OSIsoft PI Interface for OPC XML-DA
2020-11-10 12:00:00
nessus
nessus
mskb
mskb
openvas
openvas
Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)
2013-01-09 00:00:00
Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)
2013-01-09 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2013-01-10 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.947
Percentile
99.3%
Related for CVE-2013-0006