2005-06-21 04:00:00
mitre
PUBLISHED
Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:Documents and SettingsusernameSecurityScans in plaintext, which could allow remote attackers to obtain sensitive information about the system via malicious active content such as ActiveX controls or Java.