Microsoft XML Core Services 4.0, 5.0, 6.0 - Remote Code Execution via Crafted Web Page
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."