Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote malicious users to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka "XML External Entities Resolution Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft visio 2003 |
||
microsoft visio 2007 |
||
microsoft visio 2010 |