Eng

Services

Security Assessment

Website Security Audit

Network Penetration Testing

Solutions

DataCenter GreenZone

Web Application Security

Vulnerability Assessment

Intrusion Protection System

News and Events

Search: Advanced search

server monitoring

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Article ID: 34744

Last updated: 27 Jan, 2009

Print

Email to friend

Views: 440

Posted: 22 Jan, 2009
by: Tech Pubs S.

Updated: 27 Jan, 2009
by: Tech Pubs S.

Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

This script is Copyright (C) 2008 Tenable Network Security


Family	Windows : Microsoft Bulletins
Plugin ID	34744
Bugtraq ID	21872 32155 32204
CVE ID	CVE-2007-0099 CVE-2008-4029 CVE-2008-4033

Description:
Synopsis : Arbitrary code can be executed on the remote host through the web or email client. Description : The remote host is running a version of Windows which contains a flaw in the Windows XML Core Services.. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious script and enticing a victim to visit a web site or view a specially-crafted email message. Solution : Microsoft has released a set of patches for Windows 2000, XP, 2003, Vista and 2008: http://www.microsoft.com/technet/security/Bulletin/MS08-069.mspx Risk factor : High / CVSS Base Score : 9.3 (CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

This article was: Helpful | Not Helpful

Prev		Next
Vulnerability in Outlook could allow code execution (828040)		Non administrators can shut down Windows XP SP1 thru...

server monitoring