CVE-2012-1889 - Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which al

CVE-2012-1889

Summary

Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:xml_core_services:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:expression_web:sp1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:expression_web:sp1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove_server:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove_server:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove_server:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:groove_server:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_word_viewer:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 28-06-2024 - 14:18)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

msbulletin via4

bulletin_id	MS12-043
bulletin_url
date	2012-10-09T00:00:00
impact	Remote Code Execution
knowledgebase_id	2722479
knowledgebase_url
severity	Critical
title	Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

oval via4

accepted

2014-08-18T04:01:11.689-04:00

class

vulnerability

contributors

name SecPod Team
organization SecPod Technologies
name Chandan S
organization SecPod Technologies
name Pradeep R B
organization SecPod Technologies
name Maria Mikhno
organization ALTX-SOFT
name Saurabh Kumar
organization SecPod Technologies
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment Microsoft Office 2007 SP2 is installed
oval oval:org.mitre.oval:def:15607
comment Microsoft Office 2007 SP3 is installed
oval oval:org.mitre.oval:def:15704
comment Microsoft Expression Web SP1 is installed
oval oval:org.mitre.oval:def:15420
comment Microsoft Expression Web 2 is installed
oval oval:org.mitre.oval:def:15694
comment Microsoft Office Compatibility Pack SP2 is installed
oval oval:org.mitre.oval:def:15640
comment Microsoft Office Compatibility Pack SP3 is installed
oval oval:org.mitre.oval:def:15035
comment Microsoft Word Viewer is installed
oval oval:org.mitre.oval:def:737
comment Microsoft XML Core Services 5 is installed
oval oval:org.mitre.oval:def:493
comment Microsoft XML Core Services 3 is installed
oval oval:org.mitre.oval:def:415
comment Microsoft XML Core Services 4 is installed
oval oval:org.mitre.oval:def:1002
comment Microsoft XML Core Services 6 is installed
oval oval:org.mitre.oval:def:454
comment Microsoft Windows XP (32-bit) is installed
oval oval:org.mitre.oval:def:1353
comment Microsoft Windows XP x64 is installed
oval oval:org.mitre.oval:def:15247
comment Microsoft Windows Server 2003 (32-bit) is installed
oval oval:org.mitre.oval:def:1870
comment Microsoft Windows Server 2003 (x64) is installed
oval oval:org.mitre.oval:def:730
comment Microsoft Windows Server 2003 (ia64) Gold is installed
oval oval:org.mitre.oval:def:396
comment Microsoft Windows Vista (32-bit) is installed
oval oval:org.mitre.oval:def:1282
comment Microsoft Windows Vista x64 Edition is installed
oval oval:org.mitre.oval:def:2041
comment Microsoft Windows Server 2008 (32-bit) is installed
oval oval:org.mitre.oval:def:4870
comment Microsoft Windows Server 2008 (64-bit) is installed
oval oval:org.mitre.oval:def:5356
comment Microsoft Windows Server 2008 (ia-64) is installed
oval oval:org.mitre.oval:def:5667
comment Microsoft Windows 7 is installed
oval oval:org.mitre.oval:def:12541
comment Microsoft Windows Server 2008 R2 x64 Edition is installed
oval oval:org.mitre.oval:def:6438
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
oval oval:org.mitre.oval:def:5954
comment Microsoft Windows 7 (32-bit) is installed
oval oval:org.mitre.oval:def:6165
comment Microsoft Windows 7 x64 Edition is installed
oval oval:org.mitre.oval:def:5950
comment Microsoft Windows Server 2008 R2 x64 Edition is installed
oval oval:org.mitre.oval:def:6438
comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
oval oval:org.mitre.oval:def:5954
comment Microsoft Windows 8 is installed
oval oval:org.mitre.oval:def:15732
comment Microsoft Windows Server 2012 is installed
oval oval:org.mitre.oval:def:16359

description

family

windows

oval:org.mitre.oval:def:15195

status

accepted

submitted

2012-07-16T12:35:55

title

MSXML Uninitialized Memory Corruption Vulnerability - MS12-043

version

refmap via4

cert	TA12-174A TA12-192A
confirm	http://technet.microsoft.com/security/advisory/2719615

saint via4

bid	53934
description	Microsoft XML Core Services memory corruption
osvdb	82873
title	msxml_memory_corruption
type	client

Last major update

28-06-2024 - 14:18

Published

13-06-2012 - 04:46

Last modified

28-06-2024 - 14:18