This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:office_infopath:2007:sp2
Detail
VendorMicrosoftFirst view 2010-06-08
ProductOffice InfopathLast view2011-06-16
Version2007TypeApplication
Edition 
Language 
Updatesp2 
 
CPE Productcpe:/a:microsoft:office_infopath

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4.32011-06-16CVE-2011-1280NetworkMediumNone Requ...
4.32010-06-08CVE-2010-1257NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
50% (1)CWE-200Information Exposure
50% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12664XML External Entities Resolution Vulnerability
oval:org.mitre.oval:def:6677toStaticHTML Information Disclosure Vulnerability

Open Source Vulnerability Database (OSVDB)

idDescription
72934Microsoft XML Editor External Entities Resolution Unspecified Information Dis...
65211Microsoft IE / Sharepoint toStaticHTML Information Disclosure

OpenVAS Exploits

idDescription
2011-06-21Name : Microsoft XML Editor Information Disclosure Vulnerability (2543893)
File : nvt/secpod_ms11-049.nasl
2010-06-09Name : Microsoft Internet Explorer Multiple Vulnerabilities (982381)
File : nvt/secpod_ms10-035.nasl
2010-06-09Name : Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
File : nvt/secpod_ms10-039.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2011-B-0064Microsoft XML Editor Information Disclosure Vulnerability
Severity : Category II - VMSKEY : V0028601
2010-A-0079Multiple Vulnerabilities in Microsoft Office SharePoint
Severity : Category II - VMSKEY : V0024377

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Visual Studio information disclosure attempt
RuleID : 19234 - Type : OS-WINDOWS - Revision : 6
2014-01-10Microsoft Internet Explorer 8 cross-site scripting attempt
RuleID : 16658 - Type : BROWSER-IE - Revision : 7

Nessus® Vulnerability Scanner

idDescription
2014-03-10Name : An application on the remote Windows host has an information disclosure vulne...
File : smb_kb2543893.nasl - Type : ACT_GATHER_INFO
2011-06-15Name : An application on the remote Windows host has an information disclosure vulne...
File : smb_nt_ms11-049.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms10-035.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : The remote host has multiple vulnerabilities.
File : smb_nt_ms10-039.nasl - Type : ACT_GATHER_INFO