[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege escalation vulnerability in Microsoft SharePoint - MS12-011

ID: oval:org.secpod.oval:def:4144Date: (C)2012-02-16   (M)2021-06-02
Class: PATCHFamily: windows




The host is missing an important security update according to Microsoft security bulletin, MS12-011. The update is required to fix elevation of privilege or information disclosure vulnerabilities. The flaws are present due to improper handling of URL containing malicious JavaScript elements. Successful exploitation could allow attackers to issue SharePoint commands in the context of the authenticated user on the targeted SharePoint site.

Platform:
Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 7
Product:
Microsoft SharePoint Server 2010
Microsoft SharePoint Foundation 2010
Reference:
MS12-011
CVE-2012-0017
CVE-2012-0144
CVE-2012-0145
CVE    3
CVE-2012-0017
CVE-2012-0145
CVE-2012-0144
CPE    4
cpe:/a:microsoft:sharepoint_server:2010:sp1
cpe:/a:microsoft:sharepoint_server:2010
cpe:/a:microsoft:sharepoint_foundation:2010
cpe:/a:microsoft:sharepoint_foundation:2010:sp1
...
XCCDF    10
xccdf_com.secpod_benchmark_sample-definitions
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-7
...

© SecPod Technologies