MS KB2719615: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution
High Nessus Plugin ID 59461
SynopsisArbitrary code can be executed on the remote host through a web browser.
DescriptionThe remote host is missing the workaround referenced in KB 2719615.
An issue exists in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 when the application attempts to access an object in memory that has not been initialized, which may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
SolutionApply the Microsoft suggested workaround.