[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

127571

 
 

909

 
 

105400

 
 

152

Paid content will be excluded from the download.


Download | Alert*
OVAL

Visual Studio Information Disclosure Vulnerability - CVE-2019-1079

ID: oval:org.secpod.oval:def:57364Date: (C)2019-07-11   (M)2019-07-18
Class: VULNERABILITYFamily: windows




An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.To exploit the vulnerability, an attacker could create specially crafted XML data and convince an authenticated user to open the file.The update addresses the vulnerability by modifying the way that Visual Studio parses XML input.

Platform:
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8.1
Microsoft Windows 10
Microsoft Windows 8
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Product:
Microsoft Visual Studio 2010
Microsoft Visual Studio 2012
Microsoft Visual Studio 2013
Microsoft Visual Studio 2015
Reference:
CVE-2019-1079
CVE    1
CVE-2019-1079
CPE    8
cpe:/a:microsoft:visual_studio:2010:sp1
cpe:/a:microsoft:visual_studio:2013:u5
cpe:/a:microsoft:visual_studio:2012:u5
cpe:/a:microsoft:visual_studio:2015
...

© SecPod Technologies