4 matches found
Microsoft Visio XML外部实体解析信息泄露漏洞(CVE-2013-1301)(MS13-044)
BUGTRAQ ID: 59765 CVECAN ID: CVE-2013-1301 Microsoft Visio是Windows操作系统下运行的流程图软件,它现在是Microsoft Office软件的一个部分。 Microsoft Visio分析包含外部实体的特制 XML 文件中存在一个信息泄露漏洞,攻击者可利用此漏洞访问敏感信息。 0 Microsoft Visio 2010 Microsoft Visio 2007 Microsoft Visio 2003 临时解决方法: 不要打开从不受信任来源或从受信任来源意外收到的 Office 文件 厂商补丁: Microsoft...
CVE-2013-1301
CVE-2013-1301 concerns Microsoft Visio information disclosure via XML External Entities (XXE). The vulnerability arises when Visio processes XML documents containing external entity declarations, allowing a remote attacker to read arbitrary files. Affected products include Visio 2003 SP3, Visio 2...
MS13-044: Vulnerability in Microsoft Visio Could Allow Information Disclosure (2834692)
The remote host contains a version of Microsoft Visio that is affected by an information disclosure vulnerability due to a flaw in the way Visio parses specially crafted XML files containing external entities. By tricking a user into opening a specially crafted file with Visio, a remote attacker...
Microsoft Visio SVG File Information Disclosure (MS13-044) - High Confidence (CVE-2013-1301)
An information disclosure vulnerability has been reported in Microsoft Visio. The vulnerability is caused when Microsoft Visio improperly handles XML external entities that are resolved within other XML external entity declarations. An attacker who successfully exploited this vulnerability could...