This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through a web
The remote host is missing the workaround referenced in KB 2719615.
An issue exists in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0
when the application attempts to access an object in memory that has
not been initialized, which may corrupt memory in such a way that an
attacker could execute arbitrary code in the context of the logged-on
See also :
Apply the Microsoft suggested workaround.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.4
Public Exploit Available : true