Microsoft Report Viewer TimeMethod Information Disclosure (MS11-067; CVE-2011-1976)

An information disclosure vulnerability has been reported in Microsoft Report Viewer control. The vulnerability is due to improper validation of user input within a TimeMethod parameter. A remote attacker can exploit this issue by enticing a target user to visit a malicious web page. Successful...