CVE-2012-1889

Name of the Vulnerable Software and Affected Versions Microsoft XML Core Services versions 3.0 through 6.0

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via a crafted web site. This is caused by the component accessing uninitialized memory locations. An attacker who successfully exploits this issue could take complete control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Recommendations For Microsoft XML Core Services versions 3.0 through 6.0, update to a version that fixes the memory corruption issue to prevent remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.