Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
2007-08-14T21:17:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | xml_core_services | 3.0 | Yes |
| Application | microsoft | xml_core_services | 4.0 | Yes |
| Application | microsoft | xml_core_services | 6.0 | Yes |
| Operating System | microsoft | windows_server_2003 | * | No |
| Operating System | microsoft | windows_server_2003 | - | No |
| Operating System | microsoft | windows_server_2003 | - | No |
| Operating System | microsoft | windows_server_2003 | - | No |
| Operating System | microsoft | windows_vista | - | No |
| Operating System | microsoft | windows_vista | - | No |
| Operating System | microsoft | windows_vista | - | No |
| Operating System | microsoft | windows_vista | - | No |
| Operating System | microsoft | windows_xp | - | No |
| Operating System | microsoft | windows_xp | - | No |
| Operating System | microsoft | windows_xp | - | No |
| Operating System | microsoft | windows_xp | - | No |
| Application | microsoft | xml_core_services | 4.0 | Yes |
| Operating System | microsoft | windows_server_2008 | - | No |
| Operating System | microsoft | windows_server_2008 | - | No |
| Application | microsoft | xml_core_services | 5.0 | Yes |
| Application | microsoft | expression_web | * | No |
| Application | microsoft | office | 2003 | No |
| Application | microsoft | office | 2007 | No |
| Application | microsoft | office_compatibility_pack | 2007 | No |
| Application | microsoft | office_groove_server | 2007 | No |
| Application | microsoft | office_sharepoint_server | * | No |
| Application | microsoft | word_viewer | 2003 | No |