ImmuniWeb® by High-Tech Bridge



CVE-2012-1889 Microsoft XML core services uninitialized memory vulnerability

July 2, 2012

Authors: Brian Mariani, Senior Security Auditor, High-Tech Bridge
Frederic Bourla, Chief Security Specialist, High-Tech Bridge

Before the 30th of May 2012, attackers were already exploiting a new Microsoft Internet Explorer 0-day. On the 30th of May 2012, Google warned Microsoft about this vulnerability, which exists in the core of Internet Explorer's XML services. On the 12th of June 2012, Microsoft published a security advisory (2719615), which is not a final patch but a temporary "Fix-It" solution. Finally, on June 19th 2012, the Metasploit Project released an exploit module which is 100% reliable for Internet Explorer 6/7/8/9 on Windows XP, Vista, and all the way to Windows 7 SP1. This publication explains the details of the vulnerability. For our lab test we used a Windows XP SP3 computer with IE 6.0.


PDF: CVE-2012-1889 Microsoft XML core services uninitialized memory vulnerability (1,1 MB)