Vulnerability Description
Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Office Infopath | 2003 |
References
- http://securitytracker.com/id?1013454
- http://support.microsoft.com/kb/867443Vendor Advisory
- http://www.osvdb.org/14882
- http://www.securityfocus.com/bid/12824
- http://securitytracker.com/id?1013454
- http://support.microsoft.com/kb/867443Vendor Advisory
- http://www.osvdb.org/14882
- http://www.securityfocus.com/bid/12824
FAQ
What is CVE-2005-0820?
CVE-2005-0820 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database ...
How severe is CVE-2005-0820?
CVE-2005-0820 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0820?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office Infopath.