Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Content Management Server multiple security vulnerabilities
Published:10.04.2007
Source:
SecurityVulns ID:7559
Type:remote
Threat Level:
6/10
Description:Crossite scripting, memory corruption.
Affected:MICROSOFT : Microsoft Content Management Server 2001
 MICROSOFT : Microsoft Content Management Server 2002
CVE:CVE-2007-0939 (Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability.")
 CVE-2007-0938 (Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939) (10.04.2007)
Files:Microsoft Security Bulletin MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod