CVE-2015-2556 Information
Feb 14, 2021
cve
Description
The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs which allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference related to an XML External Entity (XXE) issue aka \Microsoft SharePoint Information Disclosure Vulnerability.\
Reference
http://www.securitytracker.com/id/1033804 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110
Share on: