Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Sharepoint
Опубликовано:13 марта 2013 г.
Источник:
SecurityVulns ID:12950
Тип:удаленная
Уровень опасности:
8/10
Описание:Переполнение буфера, обратный путь в каталогах, межсайтовый скриптинг, выполнение кода.
Затронутые продукты:MICROSOFT : SharePoint Server 2010
 MICROSOFT : SharePoint Foundation 2010
CVE:CVE-2013-0085 (Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability.")
 CVE-2013-0084 (Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability.")
 CVE-2013-0083 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability.")
 CVE-2013-0080 (Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability.")
Файлы:Microsoft Security Bulletin MS13-024 - Critical Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород