Information disclosure vulnerability in Microsoft Sharepoint - CVE-2015-2556| ID: oval:org.secpod.oval:def:30012 | Date: (C)2015-10-15 (M)2022-10-10 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft SharePoint Server 2007 or 2010 and is prone to an information disclosure vulnerability. A flaw present in the applications, which fail to properly parse the Document Type Definition (DTD) of an XML file. Successful exploitation could allow attackers to browse the contents of arbitrary files on a SharePoint server.
| Platform: |
| Microsoft Windows Vista |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2003 |
| Microsoft Windows 7 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows 8 |
| Microsoft Windows Server 2012 |
| Microsoft Windows 8.1 |
| Microsoft Windows 10 |
| Microsoft Windows Server 2012 R2 |
| Product: |
| Microsoft SharePoint Server 2007 |
| Microsoft SharePoint Server 2010 |
