How can I help you? Start Chat

US Phone: 1-866-488-6691
International Phone: +44-2036087492

  • E-Mail
  • Facebook
  • LinkedIn
  • Twitter

Check Point Advisories

Microsoft XML Core Services Integer Truncation Memory Corruption (MS13-002; CVE-2013-0006)

Check Point Reference: CPAI-2013-1313
Date Published: 24 Feb 2013
Severity: Critical
Last Updated: 21 Dec 2016
Source: Microsoft Security Bulletin MS13-002
Industry Reference:CVE-2013-0006
Protection Provided by:

Security Gateway
R80, R77, R76, R75, R71, R70

Who is Vulnerable? Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows 8 for 64-bit Systems
Windows Server 2012
Microsoft Office
Microsoft Developer Tools and Software
Microsoft Server Software
Vulnerability Description A memory corruption vulnerability exists in Microsoft XML Core Services. The vulnerability is due to an integer truncation error while Microsoft XML Core Services parses XML content. Remote attackers could exploit this vulnerability by persuading a target user to visit a specially crafted website. Successful exploitation could allow arbitrary code execution in the context of current user.
Update/Patch AvaliableApply patches from: MS13-002

Protection Overview

This protection will detect and block attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R76 / R75 / R71 / R70

  1. In the IPS tab, click Protections and find the Microsoft XML Core Services Integer Truncation Memory Corruption (MS13-002) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all modules.

This protection's log will contain the following information:

Attack Name:  Web Client Enforcement Violation.
Attack Information:  Microsoft XML Core Services Integer Truncation Memory Corruption (MS13-002)