Microsoft Windows Chart Control Information Disclosure Vulnerability

Last Update Date: 10 Aug 2011 12:25 Release Date: 10 Aug 2011 5441 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An information disclosure vulnerability exists in the way that Microsoft Chart controls incorrectly handle special characters within a specially crafted URI. An attacker who successfully exploited this vulnerability would be able to read the contents of any file within the web site directory or subdirectories, such as web.config. The web.config file often stores sensitive information. The consequences of the disclosure of that information depend on the nature of the information itself. Note that this vulnerability would not allow an attacker to execute code or to elevate the attacker's user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.

Impact

  • Information Disclosure

System / Technologies affected

  • Microsoft .NET Framework 3.5

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Remote Desktop Protocol Vulnerability

10 Aug 2011 5516 Views

Next

Microsoft Report Viewer Controls XSS Vulnerability

10 Aug 2011 5721 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY