CVE-2012-1889
published 2012-06-13CVE-2012-1889: Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-06-22
Exploited in the wild
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | xml_core_services | — | — |
| microsoft | xml_core_services | — | — |
| microsoft | xml_core_services | — | — |
| microsoft | xml_core_services | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck8.8HIGH
cisa8.8HIGH