Microsoft Windows CVE-2017-8710 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists in the Microsoft Common Console Document (.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.
Affected Applications
Windows 7
Windows Server 2008