MS14-022: Description of the security update for Windows SharePoint Services 3.0: May 13, 2014

MS14-022: Description of the security update for Windows SharePoint Services 3.0: May 13, 2014 Introduction This security update resolves vulnerabilities in Microsoft Office server and productivity software that could allow remote code execution if an authenticated attacker sends specially crafte...

CVE-2015-0085

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewe...

Design/Logic Flaw

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewe...

Microsoft SharePoint Services 3.0 Multiple Vulnerabilities (3038999)

This host is missing an important security update according to Microsoft Bulletin MS15-022. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

KLA10604 Multiple vulnerabilities in Microsoft SharePoint

Multiple serious vulnerabilities have been found in Microsoft SharePoint. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed requests; 2...

Microsoft SharePoint CVE-2013-1330 Remote Code Execution Vulnerability

Description Microsoft SharePoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the guest account on the SharePoint server. Failed exploit attempts will result in a denial-of-service condition. Technologies...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010 SP1, and Office W...

CVE-2012-2520

CVE-2012-2520 is a cross-site scripting vulnerability in Microsoft’s HTML sanitization component affecting multiple products (InfoPath 2007/2010, Communicator/Lync 2010, SharePoint Server/Foundation, Groove Server, Office Web Apps). The issue arises from improper input filtering in the HTML sanit...

Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)

This host is missing an important security update according to Microsoft Bulletin MS10-072. OpenVAS Vulnerability Test $Id: secpodms10-072.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities 2412048 Authors: Rachana Shetty Copyright: Copyright...

Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)

This host is missing an important security update according to Microsoft Bulletin MS10-072. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability."...

CVE-2011-1893

CVE-2011-1893 corresponds to a cross-site scripting (XSS) vulnerability affecting Microsoft SharePoint components: Office SharePoint Server 2010, Windows SharePoint Services 2.0/3.0 SP2, and SharePoint Foundation 2010. The root cause is improper handling of URI parameters, enabling remote attacke...

Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)

This host is missing an important security update according to Microsoft Bulletin MS11-074. OpenVAS Vulnerability Test $Id: secpodms11-074.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities 2451858 Authors: Rachana Shetty Copyright: Copyright c...

CVE-2011-1252

Cross-site scripting XSS vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint...

PT-2011-2990 · Microsoft · Sharepoint Foundation +5

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 7 through 8 Office SharePoint Server versions 2007 SP2 through 2010 SP1 Groove Server versions 2010 Gold through 2010 SP1 Windows SharePoint Services version 3.0 SP2 SharePoint Foundation versions 2010 Gol...

Microsoft Security Bulletin MS10-072 - Important Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)

Microsoft Security Bulletin MS10-072 - Important Vulnerabilities in SafeHTML Could Allow Information Disclosure 2412048 Published: October 12, 2010 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and one privately reported...

CVE-2010-1264

Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service hang via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint Help Page Denial of Service Vulnerability."...

Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability

This host is running Microsoft SharePoint Server and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodmssharepointlayoutsxssvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Microsoft SharePoint 'layouts/help.aspx' Cross Site Scripting Vulnerability Authors: Antu...

Microsoft Windows SharePoint Services Cross Site Scripting (MS07-059; CVE-2007-2581)

Microsoft Windows SharePoint Services WSS is an add-on component of Windows Server. WSS is based on IIS and ASP.NET technologies, providing a basic portal infrastructure, collaborative editing of documents, document organization, and version control capabilities. SharePoint functionality is expos...

Microsoft Windows SharePoint Services (WSS) / Microsoft SharePoint Team Services Detection (HTTP)

HTTP based detection of Microsoft Windows SharePoint Services WSS / Microsoft SharePoint Team Services. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele SPDX-FileCopyrightText: New / improved detection code since 2015 Greenbone AG Some text descriptions might be excerpted from a referenced...