Home / bulletins MS11-049 - Important: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) - Version:1.3
Posted on 23 June 2011
There is an newer version: MS11-049 - Version: 2.4
ImportantSeverity Rating: Important - Revision Note: V1.3 (June 22, 2011): Corrected the bulletin replacement information for Microsoft InfoPath 2007 and the Systems Management Server detection information for SQL Server. This is a bulletin change only. There were no changes to the detection or security update files.Summary: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.
Other versions
- MS11-049 - Version: 1.0
- MS11-049 - Version: 1.1
- MS11-049 - Version: 1.2
- MS11-049 - Version: 1.3
- MS11-049 - Version: 2.0
- MS11-049 - Version: 2.1
- MS11-049 - Version: 2.2
- MS11-049 - Version: 2.3
- MS11-049 - Version: 2.4
