35 matches found
oXygen XML Editor 21.1.1 - XML External Entity Injection
oXygen XML Editor 21.1.1 - XML External Entity Injection Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version:...
oXygen XML Editor 21.1.1 XML Injection
Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...
oXygen XML Editor 21.1.1 - XML External Entity Injection
Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...
MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) (uncredentialed check)
An application on the remote host has an information disclosure vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. A remote attacker could exploit this by tricking a user into opening a specially crafted...
Microsoft XML Editor Information Disclosure Vulnerability (2543893)
This host is missing an important security update according to Microsoft Bulletin MS11-049. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2011-1280
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...
Xxe
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...
CVE-2011-1280
CVE-2011-1280 is the XML External Entities Resolution vulnerability affecting Microsoft XML Editor components used with InfoPath 2007 SP2/2010, SQL Server 2005 SP3/4, 2008 SP1/2/R2, SSMSE 2005, and Visual Studio 2005 SP1/2008 SP1/2010. Technical detail from connected documents shows that the issu...
MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)
An application on the remote host has an XML external entity vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. This could result in information disclosure. A remote attacker could exploit this by tricking...
Microsoft XML Editor information leakage
Information leakage via .disco files...
KB2543893 - MS11-049: Vulnerability in the Microsoft XML Editor could allow information disclosure: June 14, 2011
Resolves a vulnerability in Microsoft XML Editor that could allow information disclosure if a user opened a specially crafted Web Service Discovery .disco file within one of the applications listed in the "Applies to" section.IntroductionMicrosoft has released security bulletin MS11-049. To view...
Liquid XML Studio LtXmlComHelp8.dll ActiveX OpenFile Buffer Overflow
Liquid Technologies develops and maintains an XML editor, Liquid XML Studio. Liquid XML is composed of an XML developers toolkit and IDE, enabling developers to design and develop XML Schema and applications. Bundled with the application is an ActiveX component that is registered on the system...
Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)
A security issue has been identified leading to an XXE Xml eXternal Entity vulnerability. You can protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...
Security Update for Microsoft Visual Studio 2008 Service Pack 1 XML Editor (KB2251487)
A security issue has been identified leading to an XXE Xml eXternal Entity vulnerability. You can protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...
Security Update for Microsoft Visual Studio 2005 Service Pack 1 XML Editor (KB2251481)
A security issue has been identified leading to an XXE Xml eXternal Entity vulnerability. You can protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer...