Check Point Advisories

Preemptive Protection against Microsoft SharePoint Server Multiple Cross Site Scripting Vulnerabilities (MS11-074)

Check Point Reference: CPAI-2011-403
Date Published: 13 Sep 2011
Severity: High
Last Updated: Saturday 01 January, 2011
Source: Microsoft Security Bulletin MS11-074
Industry Reference:CVE-2011-1890
CVE-2011-0653
CVE-2011-1893
CVE-2011-1891
Protection Provided by:
Who is Vulnerable? SharePoint Server 2010
Vulnerability Description Multiple cross-site scripting vulnerabilities have been reported in Microsoft SharePoint Server. A remote attacker could exploit these vulnerabilities to execute a cross-site scripting attack that could allow him to issue commands in an affected SharePoint server.
Update/Patch AvaliableApply patches from:
Microsoft Security Bulletin MS11-074
Vulnerability DetailsThe vulnerabilities are due to insufficient validation of user input by an affected SharePoint server. An attacker can exploit these vulnerabilities by convincing unsuspecting users to open a specially crafted website. Successful exploitation will allow an attacker to issue SharePoint commands in an affected server, in the security context of the logged in user.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK