Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows malicious users to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|