VYPR
Unrated severityNVD Advisory· Published Apr 4, 2013· Updated Jun 16, 2026

CVE-2012-4710

CVE-2012-4710

Description

Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference.

Affected products

2
  • cpe:2.3:a:invensys:wonderware_win-xml_exporter:1522.148.0.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:invensys:wonderware_win-xml_exporter:1522.148.0.0:*:*:*:*:*:*:*
    • (no CPE)range: =1522.148.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.