Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:23117
HistoryOct 21, 2011 - 12:00 a.m.

Microsoft SharePoint XML处理远程文件泄露漏洞

2011-10-2100:00:00
Root
www.seebug.org
20

0.027 Low

EPSS

Percentile

89.4%

JSON

Bugtraq ID: 49511
CVE ID:CVE-2011-1892

Microsoft SharePoint Server是一款服务器功能集成套件,提供全面的内容管理和企业搜索、加速共享业务流程并便利跨界限信息共享。
Microsoft SharePoint存在文件泄露漏洞,允许恶意验证用户使用特制XML文件,以运行Sharepoint账户上下文读取SharePoint服务器上的本地文件。

Microsoft SharePoint Workspace 2010 SP1
Microsoft SharePoint Workspace 2010 0
Microsoft SharePoint Services 64-bit 3.0 SP2
Microsoft SharePoint Services 3.0 SP2
Microsoft SharePoint Server 2010 Standard Edition 0
Microsoft SharePoint Server 2010 Enterprise Edition 0
Microsoft SharePoint Server 2010 SP1
Microsoft SharePoint Server 2007 x64 SP2
Microsoft SharePoint Server 2007 SP2
Microsoft SharePoint Foundation 2010 0
Microsoft Office Web Apps 2010 SP1
Microsoft Office Web Apps 2010 0
Microsoft Office Groove Management Server 2007 SP2
Microsoft Office Groove Data Bridge Server 2007 SP2
Microsoft Office Forms Server 2007 SP2
Microsoft Groove Server 2010 SP1
Microsoft Groove Server 2010 0
Microsoft Groove 2007 SP2
厂商解决方案
用户可参考如下供应商提供的安全公告获得补丁信息:
http://technet.microsoft.com/en-us/security/bulletin/ms11-074

Related

exploitpack 1
packetstorm 1
seebug 1
checkpoint_advisories 1
prion 1
cve 1
securityvulns 2
exploitdb 1
nessus 1
openvas 2
mskb 1
exploitpack
exploitpack
SharePoint 20072010 and DotNetNuke 6 - File Disclosure (via XEE)
2011-09-20 00:00:00
packetstorm
packetstorm
SharePoint 2007 / 2010 And DotNetNuke File Disclosure
2011-09-21 00:00:00
seebug
seebug
SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE
2014-07-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft SharePoint Server XML Rollup Information Disclosure (MS11-074; CVE-2011-1892)
2011-09-13 00:00:00
prion
prion
Arbitrary file deletion
2011-09-15 12:26:00
cve
cve
CVE-2011-1892
2011-09-15 12:26:00
securityvulns
securityvulns
XEE vulnerabilities in SharePoint &#40;MS11-074&#41; and DotNetNuke
2011-09-20 00:00:00
Microsoft Sharepoint multiple security vulnerabilities
2011-09-20 00:00:00
exploitdb
exploitdb
SharePoint 2007/2010 and DotNetNuke &lt; 6 - File Disclosure (via XEE)
2011-09-20 00:00:00
nessus
nessus
MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)
2011-09-14 00:00:00
openvas
openvas
Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
2011-09-14 00:00:00
Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
2011-09-14 00:00:00
mskb
mskb
MS11-074: Vulnerabilities in Microsoft SharePoint could allow elevation of privilege: September 13, 2011
2011-09-13 00:00:00

0.027 Low

EPSS

Percentile

89.4%

JSON
Related for SSV:23117
exploitpack1packetstorm1seebug1checkpoint_advisories1prion1cve1securityvulns2exploitdb1nessus1openvas2mskb1