Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft.XMLDOM ActiveX控件拒绝服务漏洞
Vulnerability Description
Microsoft.XMLDOM ActiveX是美国微软(Microsoft)公司的一个用于访问和操作XML文档的编程接口规范,它能够获取、更改、添加或删除XML元素。 Microsoft Windows 8.1及之前版本的Microsoft.XMLDOM ActiveX控件中存在拒绝服务漏洞,该漏洞源于在实体扩展期间,程序没有正确检测递归。远程攻击者可借助特制的XML文档利用该漏洞造成拒绝服务(内存和CPU消耗)。
CVSS Information
N/A
Vulnerability Type
N/A