2 matches found
CVE-2015-2556
CVE-2015-2556 is an information-disclosure vulnerability affecting Microsoft SharePoint Server 2007 SP3 and 2010 SP2, arising from how the InfoPath Forms Services component parses DTDs. The root cause is improper handling of XML External Entities (XXE), allowing a remote attacker to read arbitrar...
KLA10675 Multiple vulnerabilities in Microsoft Office
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper memory...