Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858) |
Informations | |||
---|---|---|---|
Name | MS11-074 | First vendor Publication | 2011-09-13 |
Vendor | Microsoft | Last vendor Modification | 2011-10-11 |
Severity (Vendor) | Important | Revision | 1.3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Severity Rating: Important |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-074 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
83 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
17 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12577 | |||
Oval ID: | oval:org.mitre.oval:def:12577 | ||
Title: | toStaticHTML Information Disclosure Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified strings, aka "toStaticHTML Information Disclosure Vulnerability" or "HTML Sanitization Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1252 | Version: | 11 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12676 | |||
Oval ID: | oval:org.mitre.oval:def:12676 | ||
Title: | SharePoint XSS Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1893 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft SharePoint Server 2010 Microsoft Windows SharePoint Services 2.0 Microsoft Windows SharePoint Services 3.0 Microsoft SharePoint Foundation 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12788 | |||
Oval ID: | oval:org.mitre.oval:def:12788 | ||
Title: | Editform Script Injection Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via a post, aka "Editform Script Injection Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1890 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft SharePoint Server 2010 Microsoft SharePoint Foundation 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12835 | |||
Oval ID: | oval:org.mitre.oval:def:12835 | ||
Title: | XSS in SharePoint Calendar Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010 Gold and SP1, and SharePoint Foundation 2010, allows remote attackers to inject arbitrary web script or HTML via the URI, aka "XSS in SharePoint Calendar Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0653 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft SharePoint Server 2010 Microsoft SharePoint Foundation 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12864 | |||
Oval ID: | oval:org.mitre.oval:def:12864 | ||
Title: | Contact Details Reflected XSS Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in a request to a script, aka "Contact Details Reflected XSS Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1891 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Windows SharePoint Services 3.0 Microsoft SharePoint Foundation 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12885 | |||
Oval ID: | oval:org.mitre.oval:def:12885 | ||
Title: | HTML Sanitization Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified strings, aka "toStaticHTML Information Disclosure Vulnerability" or "HTML Sanitization Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1252 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft Groove Server 2010 Microsoft Windows SharePoint Services 3.0 Microsoft SharePoint Foundation 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12907 | |||
Oval ID: | oval:org.mitre.oval:def:12907 | ||
Title: | SharePoint Remote File Disclosure Vulnerability | ||
Description: | Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1892 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Office Groove 2007 Microsoft SharePoint Workspace 2010 Microsoft Office Forms Server 2007 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft Office Groove Server 2007 Data Bridge Microsoft Office Groove Management Server 2007 Microsoft Groove Server 2010 Microsoft Windows SharePoint Services 3.0 Microsoft SharePoint Foundation 2010 Microsoft Office Web Apps 2010 Microsoft Word Web App 2010 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 2 | |
Application | 2 | |
Application | 2 | |
Application | 2 | |
Application | 4 | |
Application | 3 | |
Application | 4 |
ExploitDB Exploits
id | Description |
---|---|
2011-09-20 | File disclosure via XEE in SharePoint 2007/2010 and DotNetNuke < 6 |
OpenVAS Exploits
Date | Description |
---|---|
2011-09-14 | Name : Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858) File : nvt/secpod_ms11-074.nasl |
2011-06-15 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2530548) File : nvt/secpod_ms11-050.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75393 | Microsoft SharePoint Unspecified URI XSS |
75392 | Microsoft SharePoint XML File Arbitrary File Disclosure |
75391 | Microsoft SharePoint Contact Details XSS |
75390 | Microsoft SharePoint EditForm.aspx XSS |
75389 | Microsoft SharePoint SharePoint Calendar URI XSS |
75381 | Microsoft SharePoint XML / XSL File Handling Unspecified Arbitrary File Discl... |
72944 | Microsoft IE SafeHTML Function XSS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-09-15 | IAVM : 2011-B-0115 - Multiple Vulnerabilities in Microsoft Office SharePoint Severity : Category II - VMSKEY : V0030239 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Internet Explorer toStaticHTML XSS attempt RuleID : 21569 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft SharePoint XSS RuleID : 20117 - Revision : 8 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office SharePoint Javascript XSS attempt RuleID : 20116 - Revision : 14 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office SharePoint XML external entity exploit attempt RuleID : 20115 - Revision : 10 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft SharePoint hiddenSpanData cross site scripting attempt RuleID : 20114 - Revision : 8 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office SharePoint XSS vulnerability attempt RuleID : 20113 - Revision : 10 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office SharePoint XSS vulnerability attempt RuleID : 20112 - Revision : 9 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office SharePoint XSS vulnerability attempt RuleID : 20111 - Revision : 9 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Internet Explorer 8 toStaticHTML XSS attempt RuleID : 19239 - Revision : 7 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-09-14 | Name : The remote host is affected by multiple privilege escalation and information ... File : smb_nt_ms11-074.nasl - Type : ACT_GATHER_INFO |
2011-06-15 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms11-050.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:47:06 |
|
2014-01-19 21:30:44 |
|
2013-11-11 12:41:25 |
|
2013-05-11 00:49:53 |
|