CRITICAL: Microsoft XML Core Services Multiple Vulnerabilities (MS08-069)
Affected: Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Office
Description: Microsoft XML Core Services are a collection of components in various Microsoft products that are used to parse XML content. These components contain multiple vulnerabilities in their handling of a variety of XML content. A specially crafted web page containing XML data could trigger a memory corruption vulnerability leading to remote code execution with the privileges of the current user. Other vulnerabilities could lead to information disclosure or cross site scripting vulnerabilities. Some technical details and a proof-of-concept are publicly available for these vulnerabilities.