—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgende Warnung des Microsoft Product Security
Notification Service. Wir geben diese Informationen unveraendert an Sie
weiter.

CVE-2011-1280 – Schwachstelle bei der Aufloesung externer XML-Entitaeten

Der Microsoft XML Editor behandelt Web Service Discovery (.disco)
Dateien bei der Aufloesung von verschachtelten externen XML ‘Entities’
nicht sicher. Ein entfernter Angreifer kann diese Schwachstelle
ausnutzen um auf beliebige Dateien des betroffenen Systems lesend
zuzugreifen. Hierzu muss er den Anwender verleiten einen manipulierten
E-Mailanhang zu oeffnen bzw. auf eine manipulierte Webseite zuzugreifen.

Betroffen sind die folgenden Software Pakete und Plattformen:

XML Editor

Microsoft InfoPath 2007 Service Pack 2
Microsoft InfoPath 2010 (32-bit)
Microsoft InfoPath 2010 (64-bit)
SQL Server 2005 Service Pack 3
SQL Server 2005 x64 Edition Service Pack 3
SQL Server 2005 fuer Itanium-basierte Systeme Service Pack 3
SQL Server 2005 Service Pack 4
SQL Server 2005 x64 Edition Service Pack 4
SQL Server 2005 fuer Itanium-basierte Systeme Service Pack 4
SQL Server 2005 Express Edition Service Pack 3
SQL Server 2005 Express Edition Service Pack 4
SQL Server 2005 Express Edition mit Advanced Services Service Pack 3
SQL Server 2005 Express Edition mit Advanced Services Service Pack 4
SQL Server Management Studio Express (SSMSE) 2005
SQL Server Management Studio Express (SSMSE) 2005 x64 Edition
SQL Server 2008 fuer 32-bit Systeme Service Pack 1
SQL Server 2008 fuer x64-basierte Systeme Service Pack 1
SQL Server 2008 fuer Itanium-basierte Systeme Service Pack 1
SQL Server 2008 fuer 32-bit Systeme Service Pack 2
SQL Server 2008 fuer x64-basierte Systeme Service Pack 2
SQL Server 2008 fuer Itanium-basierte Systeme Service Pack 2
SQL Server 2008 R2 fuer 32-bit Systeme
SQL Server 2008 R2 fuer x64-basierte Systeme
SQL Server 2008 R2 fuer Itanium-basierte Systeme
Microsoft Visual Studio 2005 Service Pack 1
Microsoft Visual Studio 2008 Service Pack 1
Microsoft Visual Studio 2010

Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,
Detlev O. Matthies

– —

Detlev O. Matthies, M.Sc. (Incident Response Team)

DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-590
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

Automatische Warnmeldungen https://www.cert.dfn.de/autowarn

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2011.0637
Vulnerability in the Microsoft XML Editor Could Allow
Information Disclosure (2543893)
15 June 2011

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: XML Editor
Publisher: Microsoft
Operating System: Windows
Impact/Access: Access Confidential Data — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2011-1280

Original Bulletin:
http://www.microsoft.com/technet/security/Bulletin/MS11-049.mspx

– – ————————–BEGIN INCLUDED TEXT——————–

Microsoft Security Bulletin MS11-049 – Important

Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure
(2543893)

Published: June 14, 2011 | Updated: June 14, 2011

Version: 1.1

General Information

Executive Summary

This security update resolves a privately reported vulnerability in Microsoft
XML Editor. The vulnerability could allow information disclosure if a user
opened a specially crafted Web Service Discovery (.disco) file with one of the
affected software listed in this bulletin. Note that this vulnerability would
not allow an attacker to execute code or to elevate their user rights
directly, but it could be used to produce information that could be used to
try to further compromise the affected system.

This security update is rated Important for all supported editions of
Microsoft InfoPath 2007 and Microsoft InfoPath 2010; all supported editions of
SQL Server 2005, SQL Server 2008, and SQL Server 2008 R2; and all supported
editions of Microsoft Visual Studio 2005, Microsoft Visual Studio 2008, and
Microsoft Visual Studio 2010. For more information, see the subsection,
Affected and Non-Affected Software, in this section.

The security update addresses the vulnerability by correcting the manner in
which the XML Editor resolves external entities within a Web Service Discovery
(.disco) file. For more information about the vulnerability, see the
Frequently Asked Questions (FAQ) subsection for the specific vulnerability
entry under the next section, Vulnerability Information.

Affected Software

Microsoft Office Software

Microsoft InfoPath 2007 Service Pack 2
Microsoft InfoPath 2010 (32-bit editions)
Microsoft InfoPath 2010 (64-bit editions)

Microsoft SQL Server

SQL Server 2005 Service Pack 3
SQL Server 2005 x64 Edition Service Pack 3
SQL Server 2005 for Itanium-based Systems Service Pack 3
SQL Server 2005 Service Pack 4
SQL Server 2005 x64 Edition Service Pack 4
SQL Server 2005 for Itanium-based Systems Service Pack 4
SQL Server 2005 Express Edition Service Pack 3
SQL Server 2005 Express Edition Service Pack 4
SQL Server 2005 Express Edition with Advanced Services Service Pack 3
SQL Server 2005 Express Edition with Advanced Services Service Pack 4
SQL Server Management Studio Express (SSMSE) 2005
SQL Server Management Studio Express (SSMSE) 2005 x64 Edition
SQL Server 2008 for 32-bit Systems Service Pack 1
SQL Server 2008 for x64-based Systems Service Pack 1
SQL Server 2008 for Itanium-based Systems Service Pack 1
SQL Server 2008 for 32-bit Systems Service Pack 2
SQL Server 2008 for x64-based Systems Service Pack 2
SQL Server 2008 for Itanium-based Systems Service Pack 2
SQL Server 2008 R2 for 32-bit Systems
SQL Server 2008 R2 for x64-based Systems
SQL Server 2008 R2 for Itanium-based Systems

Developer Tools

Microsoft Visual Studio 2005 Service Pack 1
Microsoft Visual Studio 2008 Service Pack 1
Microsoft Visual Studio 2010

Vulnerability Information

XML External Entities Resolution Vulnerability – CVE-2011-1280

An information disclosure vulnerability exists in the way that Microsoft XML
Editor handles specially crafted XML files.

– – ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
– —–BEGIN PGP SIGNATURE—–
Comment: https://www.auscert.org.au/1967

iD8DBQFN+A8G/iFOrG6YcBERAhROAKC2qE+BF3fZd6Q/eW1sQumfSOvk/wCfXJtD
TfT/o3hNspnTw55Skw4qVg8=
=w9ll
– —–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2.0.16 (GNU/Linux)

iQEcBAEBAgAGBQJN+MjpAAoJEJtyb8U7iGZB9PcH/0s2Ws2Hvz6uk8bnqtiIX8yk
m5sPtCaYTyxgKzg3jyL1p5091CQDt33aYJuyO/J36zUEqgyXT79OFQpr7QXZaXug
WYUjoljy/1/XugeJtZucogkmmOdk480/AqY0OK1cZTD9zPPR6MdTlpH50TLU8rOe
afKIJpSvNopj28DzKEay1sfk2Xr0eU7iz6wcnQM0dF9lck8SVxdL7bVTtiS7CWFR
QJszh+Kt9aUJECMumzFTPP+xL1B8c9BTDgeAtE9YJCCBJWDhaLE3owgrVjnbc9Un
R1oHz+Pm962W+2LeYVJoPBzqzKCth2SuwT+uvqHltwfnXvT0FhMYmxf8FngmmFA=
=KWFL
—–END PGP SIGNATURE—–