KLA10013
OSI vulnerability in multiple Microsoft XML Core Services

Updated: 05/22/2020

Detect date ?	06/10/2014
Severity ?	Warning
Description	By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network at a point related to MSXML via a specially designed website. It is caused by a missing property information restriction.
Affected products	Windows Server 2003 SP2 x86, x64, for Itanium Windows Vista SP2 x86, x64 Windows Server 2008 SP2 x86, x64, for Itanium Windows 7 SP1 x86, x64 Windows Server 2008 R2 SP1 x64, for Itanium Windows 8 x86, x64 Windows 8.1 x86, x64 Windows Server 2012, 2012 R2 Windows RT & Windows RT 8.1
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	MS Bulletin CVE-2014-1816
Impacts ?	ACE [?] OSI [?] DoS [?] SB [?] PE [?]
Related products	Microsoft Windows Microsoft Windows Server
CVE-IDS ?	CVE-2014-18164.3Warning
Microsoft official advisories	Microsoft Security Update Guide
KB list	2966631 2957482 2966061 2939576

KLA10013OSI vulnerability in multiple Microsoft XML Core Services