MS13-044: Vulnerability in Microsoft Visio Could Allow Information Disclosure (2834692)
Medium Nessus Plugin ID 66419
SynopsisThe remote Visio install is affected by an information disclosure vulnerability.
DescriptionThe remote host contains a version of Microsoft Visio that is affected by an information disclosure vulnerability due to a flaw in the way Visio parses specially crafted XML files containing external entities.
By tricking a user into opening a specially crafted file with Visio, a remote attacker may be able to read files on the target system.
SolutionMicrosoft has released a set of patches for Microsoft Visio 2010 SP1, Microsoft Visio 2007 SP3, and Microsoft Visio 2003 SP3.