CVE-2019-0948

Name of the Vulnerable Software and Affected Versions Windows Event Viewer (eventvwr.msc) (affected versions not specified)

Description The issue is related to an information disclosure problem in the Windows Event Viewer, which improperly handles XML input. This can be exploited by an attacker using a specially crafted XML file to read arbitrary files, potentially allowing access to sensitive information. The vulnerability is associated with the improper parsing of XML input containing a reference to an external entity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.