CVE-2012-4710 Information

Description

Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference.

Reference

http://ics-cert.us-cert.gov/pdf/ICSA-13-067-02.pdf