Computer Security

Microsoft Content Management Server multiple security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Microsoft Content Management Server multiple security vulnerabilities
Published:10.04.2007
Source:MICROSOFT
SecurityVulns ID:7559
Type:remote
Level:6/10
Description:Crossite scripting, memory corruption.
Affected:MICROSOFT : Microsoft Content Management Server 2001
 MICROSOFT : Microsoft Content Management Server 2002
CVE:CVE-2007-0939 (Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability.")
 CVE-2007-0938 (Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939) (10.04.2007)
Files:Microsoft Security Bulletin MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru