Remote Code Execution Vulnerability in Microsoft XML Core Services 3.0 - MS10-051ID: oval:org.secpod.oval:def:1214 | Date: (C)2011-06-20 (M)2022-03-15 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS10-051. The update is required to fix a remote code execution vulnerability. The flaws are present in the Microsoft XML Core Services (MSXML) which fails to handle HTTP responses. Successful exploitation allows an attacker to gain sensitive information such as same user rights as the logged-on user.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Vista |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Product: |
Microsoft XML Core Services 3.0 |