oval:org.mitre.oval:def:27824

Definition Id: oval:org.mitre.oval:def:27824

Oval ID:	oval:org.mitre.oval:def:27824
Title:	SharePoint elevation of privilege vulnerability - CVE-2014-4116 (MS14-073)
Description:	Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elevation of Privilege Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-4116	Version:	4
Platform(s):	Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Vista	Product(s):	Microsoft SharePoint Foundation 2010
Definition Synopsis:
Microsoft SharePoint Foundation 2010 is installed AND Check if the version of Onetutil.dll is less than 14.0.7137.5000

Definition Id: oval:org.mitre.oval:def:12224

Oval ID:	oval:org.mitre.oval:def:12224
Title:	Microsoft SharePoint Foundation 2010 is installed
Description:	Microsoft SharePoint Foundation 2010 is installed.
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:sharepoint_foundation:2010	Version:	5
Platform(s):	Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2012 Microsoft Windows 8	Product(s):	Microsoft SharePoint Foundation 2010
Definition Synopsis:
SharePoint Foundation 2010 is installed.
Referenced By:
oval:org.mitre.oval:def:27824