CVE Vulnerabilities

CVE-2015-2471

Published: Aug 15, 2015 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Microsoft XML Core Services 3.0, 5.0, and 6.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka MSXML Information Disclosure Vulnerability, a different vulnerability than CVE-2015-2434.

Affected Software

Name Vendor Start Version End Version
Xml_core_services Microsoft 3.0 3.0
Xml_core_services Microsoft 5.0 5.0
Xml_core_services Microsoft 6.0 6.0

References