virus logo Endpoint Vulnerability

Microsoft Visual Studio CVE-2019-1079 Information Disclosure Vulnerability

description-logoDescription

An information disclosure vulnerability in Visual Studio allows attackers to read arbitrary files via XXE due to improper XML parsing, enabling unauthorized file system access.

affected-products-logoAffected Applications

Microsoft Visual Studio 2012 Update 5
Microsoft Visual Studio 2013 Update 5
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2015 Update 3

Version Updates

Date Version Status Detail
2022-12-21 1.00365
Modified
 Microsoft Visual Studio 2012 Update 5,Microsoft Visual Studio 2013 Update 5,Microsoft Visual Studio 2010 Service Pack 1,Microsoft Visual Studio 2015 Update 3
2022-12-14 1.00363
Modified
 Microsoft Visual Studio 2012 Update 5,Microsoft Visual Studio 2013 Update 5,Microsoft Visual Studio 2010 Service Pack 1,Microsoft Visual Studio 2015 Update 3
2019-09-11 1.00194
Modified
 Microsoft Visual Studio 2012 Update 5,Microsoft Visual Studio 2013 Update 5,Microsoft Visual Studio 2010 Service Pack 1,Microsoft Visual Studio 2015 Update 3
2019-07-11 1.00190
New
 Microsoft Visual Studio 2012 Update 5,Microsoft Visual Studio 2013 Update 5,Microsoft Visual Studio 2010 Service Pack 1,Microsoft Visual Studio 2015 Update 3

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1079
ID 58777
Created Jul 09, 2019
Description
Updated		 Jan 10, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft Visual Studio 2012 Update 5 , Microsoft Visual Studio 2013 Update 5 , Microsoft Visual Studio 2010 Service Pack 1 , Microsoft Visual Studio 2015 Update 3