Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Sharepoint multiple security vulnerabilities
Published:13.03.2013
Source:
SecurityVulns ID:12950
Type:remote
Threat Level:
8/10
Description:Buffer oveflows, directory traversal, crossite scripting, code execution.
Affected:MICROSOFT : SharePoint Server 2010
 MICROSOFT : SharePoint Foundation 2010
CVE:CVE-2013-0085 (Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability.")
 CVE-2013-0084 (Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability.")
 CVE-2013-0083 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability.")
 CVE-2013-0080 (Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability.")
Files:Microsoft Security Bulletin MS13-024 - Critical Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod