Lucene search
K

35 matches found

exploitpack
exploitpack
added 2019/11/14 12:0 a.m.15 views

oXygen XML Editor 21.1.1 - XML External Entity Injection

oXygen XML Editor 21.1.1 - XML External Entity Injection Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version:...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/14 12:0 a.m.219 views

oXygen XML Editor 21.1.1 XML Injection

Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.244 views

oXygen XML Editor 21.1.1 - XML External Entity Injection

Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/03/10 12:0 a.m.264 views

MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) (uncredentialed check)

An application on the remote host has an information disclosure vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. A remote attacker could exploit this by tricking a user into opening a specially crafted...

4.3CVSS5.5AI score0.15254EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/06/21 12:0 a.m.55 views

Microsoft XML Editor Information Disclosure Vulnerability (2543893)

This host is missing an important security update according to Microsoft Bulletin MS11-049. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5AI score0.15254EPSS
Exploits1References2
NVD
NVD
added 2011/06/16 8:55 p.m.24 views

CVE-2011-1280

The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...

4.3CVSS6.9AI score0.15254EPSS
Exploits1References7
Prion
Prion
added 2011/06/16 8:55 p.m.13 views

Xxe

The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...

4.3CVSS7.6AI score0.15254EPSS
Exploits1References7Affected Software4
CVE
CVE
added 2011/06/16 8:21 p.m.179 views

CVE-2011-1280

CVE-2011-1280 is the XML External Entities Resolution vulnerability affecting Microsoft XML Editor components used with InfoPath 2007 SP2/2010, SQL Server 2005 SP3/4, 2008 SP1/2/R2, SSMSE 2005, and Visual Studio 2005 SP1/2008 SP1/2010. Technical detail from connected documents shows that the issu...

4.3CVSS7AI score0.15254EPSS
Exploits1References7Affected Software4
Tenable Nessus
Tenable Nessus
added 2011/06/15 12:0 a.m.628 views

MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)

An application on the remote host has an XML external entity vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. This could result in information disclosure. A remote attacker could exploit this by tricking...

4.3CVSS5.5AI score0.15254EPSS
Exploits1References2
securityvulns
securityvulns
added 2011/06/15 12:0 a.m.65 views

Microsoft XML Editor information leakage

Information leakage via .disco files...

4.3CVSS2.4AI score0.15254EPSS
Exploits1Affected Software3
Microsoft KB
Microsoft KB
added 2011/06/14 12:0 a.m.290 views

KB2543893 - MS11-049: Vulnerability in the Microsoft XML Editor could allow information disclosure: June 14, 2011

Resolves a vulnerability in Microsoft XML Editor that could allow information disclosure if a user opened a specially crafted Web Service Discovery .disco file within one of the applications listed in the "Applies to" section.IntroductionMicrosoft has released security bulletin MS11-049. To view...

4.3CVSS6.2AI score0.15254EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2010/05/12 12:0 a.m.2 views

Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile Buffer Overflow

Liquid Technologies develops and maintains an XML editor, Liquid XML Studio. Liquid XML is composed of an XML developers toolkit and IDE, enabling developers to design and develop XML Schema and applications. Bundled with the application is an ActiveX component that is registered on the system...

8.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.12 views

Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)

A security issue has been identified leading to an XXE Xml eXternal Entity vulnerability. You can protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...

2.9AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.33 views

Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML Editor (KB2251487)

A security issue has been identified leading to an XXE Xml eXternal Entity vulnerability. You can protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...

2.9AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.19 views

Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)

A security issue has been identified leading to an XXE Xml eXternal Entity vulnerability. You can protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...

2.9AI score
Exploits0
Rows per page
Query Builder