3 matches found
CVE-2017-0043
CVE-2017-0043 affects Active Directory Federation Services (ADFS) across Windows Server 2008 R2 SP1, Server 2012/2012 Gold, Server 2016, and Windows 10 1607. The vulnerability involves information disclosure due to processing XML (XML External Entity) handling in ADFS, enabling an authenticated, ...
CVE-2017-0043
Active Directory Federation Services in Microsoft Windows 10 1607, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Microsoft Active Directory Federation Services...
KLA10986 Information disclosure vulnerability in Microsoft Active Directory Federation Services
An improper honoring of XML External Entities was found in Microsoft Active Directory Federation Services ADFS. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories...