(MS11-067) Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)

  Severity: HIGH
  CVE Identifier: CVE-2011-1976
  Advisory Date: AUG 11, 2011

  DESCRIPTION

This update resolves a vulnerability in Microsoft Report Viewer, that when exploited, could allow information disclosure. Note that an attacker must persuade the intended victim to open a specially crafted webpage in order to start the exploit.

  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft Visual Studio 2005 Service Pack 1
  • Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package