Check: 2011-B-0064
Windows 7 IAVM: 2011-B-0064 (in version v1 r32)
Title
Microsoft XML Editor Information Disclosure Vulnerability (Cat II impact)
Discussion
Microsoft has addressed a vulnerability affecting Microsoft XML Editor. The Microsoft XML Editor is the editor for XML files. To exploit this vulnerability, an attacker would entice a user to open a malicious Web Service Discovery (.disco) file with a vulnerable application. If successfully exploited, this vulnerability would allow an attacker access to sensitive information that may lead to further system compromise. At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD-related incidents.

XML External Entities Resolution Vulnerability (CVE-2011-1280): An information disclosure vulnerability exists in the way that Microsoft XML Editor handles specially crafted XML files. The vulnerability is due to the fact that XML external entities are resolved within other XML external entity declarations.
Check Content
See IAVM notice and Microsoft Bulletin MS11-049 (2543893) for additional information.

Vulnerable Applications/Systems:

Microsoft Office Software
- Microsoft InfoPath 2007 SP2
- Microsoft InfoPath 2010 (x86 and x64)

Microsoft SQL Server
- SQL Server 2005 SP3 (x86, x64 and Itanium)
- SQL Server 2005 SP4 (x86, x64 and Itanium)
- SQL Server 2005 Express Edition SP3
- SQL Server 2005 Express Edition SP4
- SQL Server 2005 Express Edition with Advanced Services SP3
- SQL Server 2005 Express Edition with Advanced Services SP4
- SQL Server Management Studio Express (SSMSE) 2005 (x86 & x64)
- SQL Server 2008 for 32-bit Systems SP1 and SP2 (x86, x64 and Itanium)
- SQL Server 2008 R2 (x86, x64 and Itanium)

Developer Tools
- Microsoft Visual Studio 2005 SP1
- Microsoft Visual Studio 2008 SP1
- Microsoft Visual Studio 2010

Verify that the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems/Applications not listed below.

Microsoft.XmlEditor.dll
- Microsoft InfoPath 2007 SP2 - 2.0.50727.5065
- Microsoft InfoPath 2010 - 2.0.50727.5065
- SQL Server Management Studio Express (SSMSE) 2005 - 2.0.50727.5065
- Microsoft Visual Studio 2005 SP1 - 2.0.50727.5065
- Microsoft Visual Studio 2008 SP1 - 3.5.30729.5665
- Microsoft Visual Studio 2010 - 10.0.30319.462

Sqlservr.exe
- SQL Server 2005 SP3 - 2005.90.4060.0 (GDR) or 2005.90.4340.0 (QFE)
- SQL Server 2005 SP4 - 2005.90.5057.0 (GDR) or 2005.90.5292.0 (QFE)
- SQL Server 2008 SP1 - 2007.100.2573.0 (GDR) or 2007.100.2841.0 (QFE)
- SQL Server 2008 SP2 - 2007.100.4064.0 (GDR) or 2007.100.4311.0 (QFE)
- SQL Server 2008 R2 - 2009.100.1617.0 (GDR) or 2009.100.1790.0 (QFE)
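One way to script the Microsoft.XmlEditor.dll comparison described above, as an added example that is not part of the IAVM notice or the vendor bulletin. It compares versions numerically, part by part, because a plain string comparison of dotted versions gives wrong answers. The function name and the short product keys are hypothetical, and the file path is site-specific and must be supplied by the caller.

```powershell
function Test-XmlEditorPatchLevel {
    param(
        # Full path to the installed Microsoft.XmlEditor.dll (site-specific, not given in the check).
        [Parameter(Mandatory = $true)] [string] $Path,
        # Short product key (hypothetical labels for the products named in the check).
        [Parameter(Mandatory = $true)] [string] $Product
    )

    # Minimum Microsoft.XmlEditor.dll versions, copied from the check content.
    $minimum = @{
        'InfoPath2007SP2'     = '2.0.50727.5065'
        'InfoPath2010'        = '2.0.50727.5065'
        'SSMSE2005'           = '2.0.50727.5065'
        'VisualStudio2005SP1' = '2.0.50727.5065'
        'VisualStudio2008SP1' = '3.5.30729.5665'
        'VisualStudio2010'    = '10.0.30319.462'
    }
    if (-not $minimum.ContainsKey($Product)) {
        throw "Unknown product '$Product'. Expected one of: $($minimum.Keys -join ', ')"
    }
    $required = [version]$minimum[$Product]

    $result = @{ Product = $Product; Path = $Path; Required = $required; Found = $null; Status = 'File not found' }

    if (Test-Path -LiteralPath $Path -PathType Leaf) {
        $info = (Get-Item -LiteralPath $Path).VersionInfo
        # Build the version from the numeric fields: the FileVersion string can carry
        # trailing build text that does not parse as a version.
        $found = New-Object System.Version -ArgumentList `
            $info.FileMajorPart, $info.FileMinorPart, $info.FileBuildPart, $info.FilePrivatePart
        $result.Found = $found
        # [version] compares each part as a number, so 10.0.x sorts above 2.0.x.
        if ($found -ge $required) {
            $result.Status = 'At or above required version'
        } else {
            $result.Status = 'Below required version'
        }
    }
    New-Object PSObject -Property $result
}

# Usage (placeholder path; substitute the real install location):
# Test-XmlEditorPatchLevel -Path 'C:\path\to\Microsoft.XmlEditor.dll' -Product 'VisualStudio2010'
```

The Sqlservr.exe rows are not covered here, since each has separate GDR and QFE minimums and the servicing branch of the installed build has to be determined first.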
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-28601
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |