Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Sharepoint security vulnerabilities
Published:09.10.2013
Source:
SecurityVulns ID:13335
Type:remote
Threat Level:
7/10
Description:Memory corruption on Excel files parsing, crossite scripting.
Affected:MICROSOFT : SharePoint Server 2007
 MICROSOFT : SharePoint Server 2010
 MICROSOFT : Office Web Apps 2010
CVE:CVE-2013-3895 (Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to conduct clickjacking attacks via a crafted web page, aka "Parameter Injection Vulnerability.")
 CVE-2013-3889 (Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability.")
Files:Microsoft Security Bulletin MS13-084 - Important Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod