CVE-2017-0022 - Microsoft XML Core Services Information Disclosure Vulnerability
Project:Microsoft
Product:XML Core Services
Date Added:2022-05-24Due Date:2022-06-14
Vulnerability Name
Microsoft XML Core Services Information Disclosure Vulnerability
Description
Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-0022