Microsoft XML Core Services Improper Restriction of XML External Entity Reference Vulnerability


Microsoft XML Core Services suffers from improper restriction of xml external entity reference vulnerability


The information has been provided by Yuki Chen

The original article can be found at:


A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.

Vulnerable Systems:

Microsoft XML Core Services 

CVE Information:


Disclosure Timeline:
Published Date:10/10/2019

Categories: News