MS07-042: Description of the security update for Microsoft XML Core Services 6.0: August 14, 2007

MS07-042: Description of the security update for Microsoft XML Core Services 6.0: August 14, 2007 INTRODUCTION Microsoft has released security bulletin MS07-042. The security bulletin contains all the relevant information about the security update. This information includes file manifest...

Microsoft XML Core Services Memory Corruption (MS07-042; CVE-2007-2223)

Microsoft Windows is shipped with an XML processing framework, named MSXML or Microsoft XML Core services. The framework is used by applications shipped with the operating system as well as third party applications. The most popular application using this framework is Internet Explorer, which can...

[Full-disclosure] MS07-042 XMLDOM substringData() PoC

This bit of JavaScript kills IE 6 on Windows 2000 and Windows XP SP2 var xmlDoc = new ActiveXObject"Microsoft.XMLDOM"; xmlDoc.loadXML"dummy/dummy"; var txt = xmlDoc.createTextNode"huh"; var out = txt.substringData1,0x7fffffff; Installing the patch from MS07-042 fixes it. Cheers, Alla Bezroutchko...

Microsoft XML Core Services XMLDOM substringData() buffer overflow

Overview Microsoft XML Core Services contains an unspecified memory corruption vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft XML Core Services MSXML allow developers who use JScript, Visual Basic Scripting...