4.3 - MS11-049

Executive Summary

Summary
Title	Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893)

Informations
Name	MS11-049	First vendor Publication	2011-06-14
Vendor	Microsoft	Last vendor Modification	2012-02-15
Severity (Vendor)	Important	Revision	2.4

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V2.4 (February 15, 2012): Corrected the SQL Server Version Range for SQL Server 2008 R2 in the update FAQ.

Summary: This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-049

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-200	Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12664

Oval ID:	oval:org.mitre.oval:def:12664
Title:	XML External Entities Resolution Vulnerability
Description:	The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-1280	Version:	33
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Microsoft Office InfoPath 2007 Microsoft Office InfoPath 2010 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition Microsoft SQL Server Management Studio Express (SSMSE) 2005 Microsoft SQL Server 2008 Microsoft SQL Server 2008 R2 Microsoft Visual Studio 2005 Microsoft Visual Studio 2008 Microsoft Visual Studio 2010
Definition Synopsis:
Vulnerable Microsoft Office InfoPath 2007 Microsoft InfoPath 2007 is installed AND NOT KB2510061 is installed AND Vulnerable Microsoft Office InfoPath 2010 Microsoft InfoPath 2010 is installed AND NOT Check if Microsoft Office 2010 SP1 or greater is installed AND NOT KB2510065 is installed OR SQL Server 2005 Service Pack 3 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 3 AND Microsoft SQL Server 2005 SP3 is installed AND SQL 2005 Microsoft SQL Server 2005 SP3 Database Engine The version of Sqlservr.exe is less than 2005.90.4060.0 OR QFE The version of Sqlservr.exe is greater than or equal to 2005.90.4207.0 AND The version of Sqlservr.exe is less than 2005.90.4340.0 OR Microsoft SQL Server 2005 SP3 Analysis Services Microsoft SQL Server 2005 Analysis Services is installed AND GDR or QFE The version of Msmdsrv.exe is less than 9.0.4060.0 OR QFE The version of Msmdsrv.exe is greater than or equal to 9.0.4207.0 AND The version of Msmdsrv.exe is less than 9.0.4340.0 OR Microsoft SQL Server 2005 SP3 Notification Services Microsoft SQL Server 2005 Notification Services is installed AND GDR or QFE The version of Nsservice.exe is less than 9.0.4060.0 OR QFE The version of Nsservice.exe is greater than or equal to 9.0.4207.0 AND The version of Nsservice.exe is less than 9.0.4340.0 OR Microsoft SQL Server 2005 SP3 Reporting Services Microsoft SQL Server 2005 Reporting Services is installed AND GDR or QFE The version of Reportingservicesservice.exe is less than 9.0.4060.0 OR QFE The version of Reportingservicesservice.exe is greater than or equal to 9.0.4207.0 AND The version of Reportingservicesservice.exe is less than 9.0.4340.0 OR Microsoft SQL Server 2005 SP3 Integration Services Microsoft SQL Server 2005 Integration Services is installed AND GDR or QFE The version of Msdtssrvr.exe is less than 9.0.4060.0 OR QFE The version of Msdtssrvr.exe is greater than or equal to 9.0.4207.0 AND The version of Msdtssrvr.exe is less than 9.0.4340.0 OR Microsoft SQL Server 2005 SP3 Tools Microsoft SQL Server 2005 Tools is installed AND GDR or QFE The version of Sqlwb.exe is less than 2005.90.4060.0 OR QFE The version of Sqlwb.exe is greater than or equal to 2005.90.4207.0 AND The version of Sqlwb.exe is less than 2005.90.4340.0 OR SQL Server 2005 Service Pack 4 SQL 2005 SP4 SQL 2005 Microsoft SQL Server 2005 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\90\DTS\Setup\\SP equals 4 AND Microsoft SQL Server 2005 SP4 is installed AND SQL 2005 Components Microsoft SQL Server 2005 SP4 Database Engine The version of Sqlservr.exe is less than 2005.90.5057.0 OR QFE The version of Sqlservr.exe is greater than or equal to 2005.90.5200.0 AND The version of Sqlservr.exe is less than 2005.90.5292.0 OR Microsoft SQL Server 2005 SP4 Analysis Services Microsoft SQL Server 2005 Analysis Services is installed AND GDR or QFE The version of Msmdsrv.exe is less than 9.0.5057.0 OR QFE The version of Msmdsrv.exe is greater than or equal to 9.0.5200.0 AND The version of Msmdsrv.exe is less than 9.0.5292.0 OR Microsoft SQL Server 2005 SP4 Notification Services Microsoft SQL Server 2005 Notification Services is installed AND GDR or QFE The version of Nsservice.exe is less than 9.0.5057.0 OR QFE The version of Nsservice.exe is greater than or equal to 9.0.5200.0 AND The version of Nsservice.exe is less than 9.0.5292.0 OR Microsoft SQL Server 2005 SP4 Reporting Services Microsoft SQL Server 2005 Reporting Services is installed AND GDR or QFE The version of Reportingservicesservice.exe is less than 9.0.5057.0 OR QFE The version of Reportingservicesservice.exe is greater than or equal to 9.0.5200.0 AND The version of Reportingservicesservice.exe is less than 9.0.5292.0 OR Microsoft SQL Server 2005 SP4 Integration Services Microsoft SQL Server 2005 Integration Services is installed AND GDR or QFE The version of Msdtssrvr.exe is less than 9.0.5057.0 OR QFE The version of Msdtssrvr.exe is greater than or equal to 9.0.5200.0 AND The version of Msdtssrvr.exe is less than 9.0.5292.0 OR Microsoft SQL Server 2005 SP4 Tools Microsoft SQL Server 2005 Tools is installed AND GDR or QFE The version of Sqlwb.exe is less than 2005.90.5057.0 OR QFE The version of Sqlwb.exe is greater than or equal to 2005.90.5200.0 AND The version of Sqlwb.exe is less than 2005.90.5292.0 OR SQL Server 2008 Service Pack 1 SQL 2008 SQL 2008 Microsoft SQL Server 2008 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\100\DTS\Setup\\SP equals 1 AND Microsoft SQL Server 2008 SP1 is installed AND SQL 2008 DSCI Microsoft SQL Server 2008 Database Services Core Instance The version of Sqlservr.exe is less than 2007.100.2573.0 OR QFE The version of Sqlservr.exe is greater than or equal to 2007.100.2800.0 AND The version of Sqlservr.exe is less than 2007.100.2841.0 OR Management Studio The version of Sql_ssms_keyfile is less than 2007.100.2573.0 OR QFE The version of sql_ssms_keyfile.dll is greater than or equal to 2007.100.2800.0 AND The version of sql_ssms_keyfile.dll is less than 2007.100.2841.0 OR SQL Server 2008 Service Pack 2 SQL 2008 SP2 SQL 2008 SP2 Microsoft SQL Server 2008 is installed AND HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\100\DTS\Setup\\SP equals 2 AND Microsoft SQL Server 2008 SP2 is installed AND SQL 2008 DSCI Microsoft SQL Server 2008 Database Services Core Instance The version of Sqlservr.exe is less than 2007.100.4064.0 OR QFE The version of Sqlservr.exe is greater than or equal to 2007.100.4300.0 AND The version of Sqlservr.exe is less than 2007.100.4311.0 OR Management Studio The version of Sql_ssms_keyfile is less than 2007.100.4064.0 OR QFE The version of sql_ssms_keyfile.dll is greater than or equal to 2007.100.4300.0 AND The version of sql_ssms_keyfile.dll is less than 2007.100.4311.0 OR SQL Server 2008 R2 Microsoft SQL Server 2008 R2 is installed AND Check if HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\.\Setup!SQLPath exists AND Microsoft SQL Server 2008 R2 Database Services Core Instance The version of Sqlservr.exe is less than 2009.100.1617.0 AND The version of Sqlservr.exe is greater than or equal to 2009.100.1700.0 and less than 2009.100.1790.0 OR Microsoft Visual Studio 2005 Microsoft Visual Studio 2005 is installed. AND The version of Microsoft.XmlEditor.dll is less than 2.0.50727.5065 OR Microsoft Visual Studio 2008 Microsoft Visual Studio 2008 is installed AND The version of Microsoft.XmlEditor.dll is less than 3.5.30729.5665 OR Microsoft Visual Studio 2010 Microsoft Visual Studio 2010 is installed AND Check if HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010.!InstallLocation exists AND The version of Microsoft.XmlEditor.dll is less than 10.0.30319.462

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Office Infopath cpe:2.3:a:microsoft:office_infopath:2010::x32::::: cpe:2.3:a:microsoft:office_infopath:2010::x64::::: cpe:2.3:a:microsoft:office_infopath:2007:sp2::::::	3
Application	Microsoft Sql Server cpe:2.3:a:microsoft:sql_server:2008:r2:x64:::::* cpe:2.3:a:microsoft:sql_server:2008:sp2:itanium:::::* cpe:2.3:a:microsoft:sql_server:2008:sp2:x32:::::* cpe:2.3:a:microsoft:sql_server:2008:sp2:x64:::::* cpe:2.3:a:microsoft:sql_server:2008:r2:itanium:::::* cpe:2.3:a:microsoft:sql_server:2008:sp1:x64:::::* cpe:2.3:a:microsoft:sql_server:2008:sp1:itanium:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:express_advanced_services:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:::::: cpe:2.3:a:microsoft:sql_server:2005:sp3:express_advanced_services:::::* cpe:2.3:a:microsoft:sql_server:2005:sp3:express:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:itanium:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:x64:::::* cpe:2.3:a:microsoft:sql_server:2005:sp4:express:::::* cpe:2.3:a:microsoft:sql_server:2005:sp3:::::: cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:::::* cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:::::*	17
Application	Microsoft Sql Server Management Studio Express cpe:2.3:a:microsoft:sql_server_management_studio_express:2005::x64::::: cpe:2.3:a:microsoft:sql_server_management_studio_express:2005:::::::*	2
Application	Microsoft Visual Studio cpe:2.3:a:microsoft:visual_studio:2010:-:::::: cpe:2.3:a:microsoft:visual_studio:2008:sp1:::::: cpe:2.3:a:microsoft:visual_studio:2005:sp1::::::	3

OpenVAS Exploits

Date	Description
2011-06-21	Name : Microsoft XML Editor Information Disclosure Vulnerability (2543893) File : nvt/secpod_ms11-049.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
72934	Microsoft XML Editor External Entities Resolution Unspecified Information Dis...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2011-06-16	IAVM : 2011-B-0064 - Microsoft XML Editor Information Disclosure Vulnerability Severity : Category II - VMSKEY : V0028601

Snort® IPS/IDS

Date	Description
2014-01-10	Microsoft Visual Studio information disclosure attempt RuleID : 19234 - Revision : 7 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date	Description
2014-03-10	Name : An application on the remote Windows host has an information disclosure vulne... File : smb_kb2543893.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : An application on the remote Windows host has an information disclosure vulne... File : smb_nt_ms11-049.nasl - Type : ACT_GATHER_INFO
2003-01-26	Name : The remote host has a database server installed. File : mssql_version.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-03-11 13:21:27	Multiple Updates
2014-02-17 11:47:01	Multiple Updates
2014-01-19 21:30:41	Multiple Updates
2013-11-11 12:41:23	Multiple Updates
2013-05-11 00:49:50	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	1
CPE ID(s)	25
osvdb(s)	1
Openvas Exploit(s)	1
IAVM(s)	1
Snort® Rule(s)	1
Nessus® Exploit(s)	3

	Related
9.3	MS09-062
4.3	MS12-070
4.3	CVE-2011-1280
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 3 more Alert(s)

4.3 - MS11-049

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU