Kaspersky LabKLA10558KLA10558 Obtain sensitive information vulnerability in MSXML
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
98.0%
An unspecified vulnerability was found in Microsoft XML Core Services. By exploiting this vulnerability malicious users can bypass security restrictions or obtain sensitive information. This vulnerability can be exploited remotely via a specially designed DTD.
Original advisories
Related products
CVE list
CVE-2015-1646 warning
KB list
Solution
Update to the latest version
Impacts
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Affected Products
- Microsoft XML Core Services version 3.0
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
98.0%