KLA10013
OSI vulnerability in multiple Microsoft XML Core Services
Обновлено: 17/06/2019
Дата обнаружения
10/06/2014
Уровень угрозы
Warning
Описание

By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited from the network at a point related to MSXML via a specially designed website. It is caused by a missing property information restriction.

Пораженные продукты

Windows Server 2003 SP2 x86, x64, for Itanium
Windows Vista SP2 x86, x64
Windows Server 2008 SP2 x86, x64, for Itanium
Windows 7 SP1 x86, x64
Windows Server 2008 R2 SP1 x64, for Itanium
Windows 8 x86, x64 Windows 8.1 x86, x64
Windows Server 2012, 2012 R2
Windows RT & Windows RT 8.1  

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
MS Bulletin
CVE-2014-1816
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
Microsoft Windows
Microsoft Windows Server
CVE-IDS
CVE-2014-18164.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

2966631
2957482
2966061
2939576