This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:sharepoint_server:2007:sp2:x64
Detail
VendorMicrosoftFirst view 2010-06-08
ProductSharepoint ServerLast view2011-09-15
Version2007TypeApplication
Editionx64 
Language 
Updatesp2 
 
CPE Productcpe:/a:microsoft:sharepoint_server

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
9.32011-09-15CVE-2011-1990NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1989NetworkMediumNone Requ...
42011-09-15CVE-2011-1892NetworkLowRequires ...
7.52010-12-16CVE-2010-3964NetworkLowNone Requ...
4.32010-10-13CVE-2010-3243NetworkMediumNone Requ...
Hide | Show 1 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32010-06-08CVE-2010-1257NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
20% (1)CWE-200Information Exposure
20% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (1)CWE-20Improper Input Validation

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12974Excel Conditional Expression Parsing Vulnerability
oval:org.mitre.oval:def:12907SharePoint Remote File Disclosure Vulnerability
oval:org.mitre.oval:def:7637HTML Sanitization Vulnerability (CVE-2010-3243)
oval:org.mitre.oval:def:7275HTML Sanitization Vulnerability
oval:org.mitre.oval:def:11982Excel Out of Bounds Array Indexing Vulnerability
Hide | Show 2 More...
idName
oval:org.mitre.oval:def:6677toStaticHTML Information Disclosure Vulnerability
oval:org.mitre.oval:def:11737Malformed Request Code Execution Vulnerability

SAINT Exploits

DescriptionLink
Microsoft SharePoint Office Document Load Balancer SOAP VulnerabilityMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
75392Microsoft SharePoint XML File Arbitrary File Disclosure
75387Microsoft Office Excel Unspecified Signedness Error Excel File Handling Memor...
75386Microsoft Office Excel Unspecified Conditional Expression Parsing Excel File ...
75381Microsoft SharePoint XML / XSL File Handling Unspecified Arbitrary File Discl...
69817Microsoft SharePoint Office Document Load Balancer Crafted SOAP Request Remot...
Hide | Show 2 More...
idDescription
68548Microsoft IE / SharePoint Unspecified XSS
65211Microsoft IE / Sharepoint toStaticHTML Information Disclosure

ExploitDB Exploits

idDescription
17873File disclosure via XEE in SharePoint 2007/2010 and DotNetNuke < 6

OpenVAS Exploits

idDescription
2011-09-22Name : Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
File : nvt/secpod_ms10-072.nasl
2011-09-14Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2587505)
File : nvt/secpod_ms11-072.nasl
2011-09-14Name : Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
File : nvt/secpod_ms11-074.nasl
2010-12-29Name : Microsoft SharePoint Could Allow Remote Code Execution Vulnerability (2455005)
File : nvt/secpod_ms10-104.nasl
2010-10-13Name : Microsoft Internet Explorer Multiple Vulnerabilities (2360131)
File : nvt/secpod_ms10-071.nasl
Hide | Show 2 More...
idDescription
2010-06-09Name : Microsoft Internet Explorer Multiple Vulnerabilities (982381)
File : nvt/secpod_ms10-035.nasl
2010-06-09Name : Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
File : nvt/secpod_ms10-039.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2011-B-0115Multiple Vulnerabilities in Microsoft Office SharePoint
Severity : Category II - VMSKEY : V0030239
2011-A-0124Multiple Vulnerabilities in Microsoft Office Excel
Severity : Category II - VMSKEY : V0030245
2010-A-0079Multiple Vulnerabilities in Microsoft Office SharePoint
Severity : Category II - VMSKEY : V0024377

Snort® IPS/IDS

DateDescription
2014-12-09Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt
RuleID : 32377 - Type : FILE-OFFICE - Revision : 4
2014-01-10Microsoft Office Excel conditional code execution attempt
RuleID : 25331 - Type : FILE-OFFICE - Revision : 9
2014-01-10Microsoft Office Excel conditional code execution attempt
RuleID : 25330 - Type : FILE-OFFICE - Revision : 9
2014-01-10Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt
RuleID : 20128 - Type : FILE-OFFICE - Revision : 20
2014-01-10Microsoft Office Excel Conditional Formatting record vulnerability
RuleID : 20127 - Type : FILE-OFFICE - Revision : 14
Hide | Show 5 More...
DateDescription
2014-01-10Microsoft Office SharePoint XML external entity exploit attempt
RuleID : 20115 - Type : SERVER-WEBAPP - Revision : 9
2014-01-10Microsoft Internet Explorer and SharePoint toStaticHTML information disclosur...
RuleID : 19322 - Type : BROWSER-IE - Revision : 10
2014-01-10Microsoft Office SharePoint document conversion remote code excution attempt
RuleID : 18238 - Type : SERVER-WEBAPP - Revision : 13
2014-01-10Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt
RuleID : 17766 - Type : BROWSER-IE - Revision : 15
2014-01-10Microsoft Internet Explorer 8 cross-site scripting attempt
RuleID : 16658 - Type : BROWSER-IE - Revision : 7

Nessus® Vulnerability Scanner

idDescription
2011-09-14Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-072.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : The remote host is affected by multiple privilege escalation and information ...
File : smb_nt_ms11-074.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms11-072.nasl - Type : ACT_GATHER_INFO
2010-12-15Name : The remote host has a remote code execution vulnerability.
File : smb_nt_ms10-104.nasl - Type : ACT_GATHER_INFO
2010-10-18Name : The remote host is affected by multiple cross-site scripting vulnerabilities.
File : safehtml_ms10_072.nasl - Type : ACT_GATHER_INFO
Hide | Show 4 More...
idDescription
2010-10-13Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms10-071.nasl - Type : ACT_GATHER_INFO
2010-10-13Name : The remote host is affected by multiple cross-site scripting vulnerabilities.
File : smb_nt_ms10-072.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms10-035.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : The remote host has multiple vulnerabilities.
File : smb_nt_ms10-039.nasl - Type : ACT_GATHER_INFO