MS10-051: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)
High Nessus Plugin ID 48288
SynopsisArbitrary code can be executed on the remote host through its Microsoft XML Core Services component.
DescriptionThe version of Microsoft XML Core Services (MSXML) 3.0 on the remote Windows host is affected by a memory corruption vulnerability that can be triggered when processing certain HTTP responses.
If an attacker can trick a user on the affected system into visiting a malicious website using Internet Explorer, this issue could be leveraged to execute arbitrary code subject to the user's privileges.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.