MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) (uncredentialed check)

An application on the remote host has an information disclosure vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. A remote attacker could exploit this by tricking a user into opening a specially crafted...

CVE-2011-1280

The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...

CVE-2011-1280

CVE-2011-1280 is the XML External Entities Resolution vulnerability affecting Microsoft XML Editor components used with InfoPath 2007 SP2/2010, SQL Server 2005 SP3/4, 2008 SP1/2/R2, SSMSE 2005, and Visual Studio 2005 SP1/2008 SP1/2010. Technical detail from connected documents shows that the issu...

MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)

An application on the remote host has an XML external entity vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. This could result in information disclosure. A remote attacker could exploit this by tricking...

Microsoft XML External Entities Resolution CVE-2011-1280 Information Disclosure Vulnerability

Description Microsoft XML editor is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by enticing an unsuspecting user to visit a specially crafted...