MS13-002: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

Arbitrary code can be executed on the remote host through Microsoft XML
Core Services.

Description :

The version of Microsoft XML Core Services installed on the remote
Windows host is affected by multiple code execution vulnerabilities when
visiting a specially crafted web page using Internet Explorer.

See also :

Solution :

Microsoft has released a set of patches for Windows XP, 2003, Vista,
2008, 7, and 2008 R2, 8, 2012, Office 2003, 2007, Word Viewer, Office
Compatibility Pack, Expression Web Service, Expression Web 2, SharePoint
Server 2007 and Groove Server 2007.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 63420 ()

Bugtraq ID: 57116

CVE ID: CVE-2013-0006