Vulnerabilities > Microsoft > XML Core Services > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-06-13 | CVE-2012-1889 | Out-of-bounds Write vulnerability in Microsoft XML Core Services Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
2006-11-06 | CVE-2006-5745 | Remote Code Execution vulnerability in Microsoft XML Core Services 4.0 Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. | 7.6 |
2006-10-10 | CVE-2006-4686 | Buffer Overrun vulnerability in Microsoft XML Core Services and XML Parser Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page. | 7.5 |