This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Microsoft First view 2007-05-09
Product Sharepoint Server Last view 2010-04-29
Version 2007 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:microsoft:sharepoint_server

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2010-04-29 CVE-2010-0817

Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter.

3.5 2010-02-26 CVE-2010-0716

_layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading TXT files, a related issue to CVE-2008-5026. NOTE: the vendor disputes the significance of this issue, because cross-domain isolation can be implemented when needed.

5 2009-10-30 CVE-2009-3830

The download functionality in Team Services in Microsoft Office SharePoint Server 2007 and allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.

4.3 2007-05-09 CVE-2007-2581

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in "every main page," as demonstrated by default.aspx.

CWE : Common Weakness Enumeration

75% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
25% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
64170 Microsoft SharePoint Server _layouts/help.aspx cid0 Parameter XSS
59479 Microsoft Office SharePoint Server Team Services _layouts/download.aspx Multi...
50138 Microsoft SharePoint Host Name / Port Number Persistence HTML Document Same-o...
37630 Microsoft SharePoint PATH_INFO (query string) XSS

OpenVAS Exploits

id Description
2011-09-14 Name : Microsoft SharePoint Server 2007 '_layouts/help.aspx' Cross Site Scripting Vu...
File : nvt/gb_sharepoint_39776.nasl
2010-05-04 Name : Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability
File : nvt/secpod_ms_sharepoint_layouts_xss_vuln.nasl
2010-03-05 Name : Microsoft SharePoint Cross Site Scripting Vulnerability
File : nvt/gb_ms_sharepoint_xss_vuln.nasl
2009-11-05 Name : Microsoft SharePoint Team Services Information Disclosure Vulnerability
File : nvt/gb_ms_sharepoint_info_disc_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-A-0079 Multiple Vulnerabilities in Microsoft Office SharePoint
Severity: Category II - VMSKEY: V0024377
2007-B-0031 Windows SharePoint Services and Office SharePoint Server Remote Privilege Esc...
Severity: Category II - VMSKEY: V0015306

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office SharePoint XSS attempt
RuleID : 16560 - Type : SERVER-WEBAPP - Revision : 17
2014-01-10 Microsoft Office SharePoint cross site scripting attempt
RuleID : 12629 - Type : SERVER-WEBAPP - Revision : 19

Nessus® Vulnerability Scanner

id Description
2010-07-01 Name: An application running on the remote web server has a cross-site scripting vu...
File: sharepoint_help_xss.nasl - Type: ACT_ATTACK
2010-06-09 Name: The remote host has multiple vulnerabilities.
File: smb_nt_ms10-039.nasl - Type: ACT_GATHER_INFO
2007-10-09 Name: A user can elevate his privileges through SharePoint.
File: smb_nt_ms07-059.nasl - Type: ACT_GATHER_INFO