logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2013-1330

Description

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability."


Affected Software


CPE Name Name Version
microsoft:sharepoint_server microsoft sharepoint server 2010
microsoft:sharepoint_foundation microsoft sharepoint foundation 2010
microsoft:sharepoint_server microsoft sharepoint server 2010
microsoft:sharepoint_foundation microsoft sharepoint foundation 2010
microsoft:sharepoint_services microsoft sharepoint services 2.0
microsoft:sharepoint_portal_server microsoft sharepoint portal server 2003
microsoft:sharepoint_server microsoft sharepoint server 2007
microsoft:sharepoint_services microsoft sharepoint services 3.0
microsoft:office_web_apps microsoft office web apps 2010

Related