Microsoft Windows System Information Console Information Disclosure Vulnerability

Microsoft windows is a popular operating system. Microsoft System Information Console does not properly parse XML inputs that contain references to external entities, allowing an attacker to exploit the vulnerability by submitting a special XML request, obtaining sensitive information, and...

Microsoft Windows Multiple Vulnerabilities (KB4025336)

This host is missing a critical security update according to Microsoft KB4025336 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Windows System Information Console Information Disclosure Vulnerability

An information disclosure vulnerability exists in the Microsoft Common Console Document .msc when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity XXE...

Windows System Information 6.1.7601 XXE Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ========================== Windows System Information...