CVE-2010-2561

Microsoft XML Core Services 3.0 - Remote Code Execution via Crafted HTTP Response

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2561. PoCs published by Skylined.

AI-analyzed exploit summary: This exploit leverages CVE-2010-2561, a memory corruption vulnerability in the Msxml2.XMLHTTP ActiveX control, by repeatedly sending malformed HTTP responses to trigger a denial-of-service (DoS) or potential remote code execution (RCE). The script sets up a web server that serves a malicious HTML page with JavaScript to exploit the vulnerability.

Description

Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Skylined · python · dos · windows
https://www.exploit-db.com/exploits/14609

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Microsoft XML Core Services (MSXML) 3.0
No auth needed
Prerequisites: Victim must visit the malicious web server · Msxml2.XMLHTTP.3.0 ActiveX control must be enabled
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-222A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11730

Scores

EPSS 0.2487
EPSS Percentile 97.6%

Details

CWE: CWE-94
Status: published
Products (1): microsoft/xml_core_services 3.0
Published: Aug 11, 2010
Tracked Since: Feb 18, 2026