MS KB2719615: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

High Nessus Plugin ID 59461


Arbitrary code can be executed on the remote host through a web browser.


The remote host is missing the workaround referenced in KB 2719615.

An issue exists in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 when the application attempts to access an object in memory that has not been initialized, which may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.


Apply the Microsoft suggested workaround.

See Also

Plugin Details

Severity: High

ID: 59461

File Name: smb_kb2719615.nasl

Version: $Revision: 1.9 $

Type: local

Agent: windows

Family: Windows

Published: 2012/06/13

Modified: 2017/08/30

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:W/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/06/12

Vulnerability Publication Date: 2012/06/12

Exploitable With

Metasploit (windows/browser/msxml_get_definition_code_exec.rb)

Reference Information

CVE: CVE-2012-1889

BID: 53934

OSVDB: 82873

EDB-ID: 19186

MSKB: 2719615