Межсайтовый скриптинг в Microsoft Office SharePoint, InfoPath и Groove

Дата публикации:	11.07.2012
Всего просмотров:	1546
Опасность:	Низкая
Наличие исправления:	Да
Количество уязвимостей:	1
CVSSv2 рейтинг:	4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:O/RC:C)
CVE ID:	CVE-2012-1858
Вектор эксплуатации:	Удаленная
Воздействие:	Межсайтовый скриптинг
CWE ID:	Нет данных
Наличие эксплоита:	Нет данных
Уязвимые продукты:	Microsoft Office SharePoint Server 2007 Microsoft Office Web Apps Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2010 Microsoft Windows SharePoint Services 3.x Microsoft Office InfoPath 2007 Microsoft InfoPath 2010 Microsoft Groove Server 2010
	Уязвимые версии: Microsoft Office SharePoint Server 2007 Microsoft Office SharePoint Server 2010 Microsoft InfoPath 2007 Microsoft Groove Server 2010 Microsoft Windows SharePoint Services 3.0 SharePoint Foundation 2010 Microsoft Office Web Apps 2010 Описание: Уязвимость позволяет удаленному пользователю произвести XSS нападение. Уязвимость существует из-за недостаточной обработки HTML строк. Удаленный пользователь может произвести XSS нападение и выполнить произвольный код сценария в контексте безопасности авторизованного пользователя. Подробное описание уязвимости: http://www.securitylab.ru/vulnerability/425634.php #1 URL производителя: www.microsoft.com Решение: Установите исправление с сайта производителя.
	Microsoft InfoPath 2007 Service Pack 2: http://www.microsoft.com/downloads/details.aspx?familyid=da8fa3b6-5d01-49e1-a1ce-e3f47ace102b http://www.microsoft.com/downloads/details.aspx?familyid=a0c826bc-aef8-4833-8471-1824a405c59f Microsoft InfoPath 2007 Service Pack 3: http://www.microsoft.com/downloads/details.aspx?familyid=da8fa3b6-5d01-49e1-a1ce-e3f47ace102b http://www.microsoft.com/downloads/details.aspx?familyid=a0c826bc-aef8-4833-8471-1824a405c59f Microsoft InfoPath 2010 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=698e6369-253b-4dbe-b6cd-7ea5ea09e043 http://www.microsoft.com/downloads/details.aspx?familyid=036b2482-0fb4-46f0-9c38-8bae6d0d669b Microsoft InfoPath 2010 Service Pack 1 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=698e6369-253b-4dbe-b6cd-7ea5ea09e043 http://www.microsoft.com/downloads/details.aspx?familyid=036b2482-0fb4-46f0-9c38-8bae6d0d669b Microsoft InfoPath 2010 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=3bf373aa-b4ad-4e1a-9578-800485ece148 http://www.microsoft.com/downloads/details.aspx?familyid=e24337cb-83b4-424f-bc4d-0d43437228a2 Microsoft InfoPath 2010 Service Pack 1 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=3bf373aa-b4ad-4e1a-9578-800485ece148 http://www.microsoft.com/downloads/details.aspx?familyid=e24337cb-83b4-424f-bc4d-0d43437228a2 Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=4073d6e1-32f0-44a8-ae55-3c140ebc09d2 http://www.microsoft.com/downloads/details.aspx?familyid=d9091923-67c7-4535-b44c-40a5292a94d9 Microsoft Office SharePoint Server 2007 Service Pack 3 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=4073d6e1-32f0-44a8-ae55-3c140ebc09d2 http://www.microsoft.com/downloads/details.aspx?familyid=d9091923-67c7-4535-b44c-40a5292a94d9 Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=b1acb373-0041-4883-8834-90a72ac04c91 http://www.microsoft.com/downloads/details.aspx?familyid=723a5553-8610-49bf-99c0-bd94926bdc0b Microsoft Office SharePoint Server 2007 Service Pack 3 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=b1acb373-0041-4883-8834-90a72ac04c91 http://www.microsoft.com/downloads/details.aspx?familyid=723a5553-8610-49bf-99c0-bd94926bdc0b Microsoft SharePoint Server 2010: http://www.microsoft.com/downloads/details.aspx?familyid=59cbb3d0-4ba5-4f89-b54c-ae9aa2aa3b41 http://www.microsoft.com/downloads/details.aspx?familyid=8a853489-a3ec-4be2-8093-6a992f9c8368 Microsoft SharePoint Server 2010 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=59cbb3d0-4ba5-4f89-b54c-ae9aa2aa3b41 http://www.microsoft.com/downloads/details.aspx?familyid=8a853489-a3ec-4be2-8093-6a992f9c8368 Microsoft Groove Server 2010: http://www.microsoft.com/downloads/details.aspx?FamilyId=e2346078-fc93-4355-bc83-0d0dc1cd4b2f Microsoft Groove Server 2010 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?FamilyId=e2346078-fc93-4355-bc83-0d0dc1cd4b2f Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit version): http://www.microsoft.com/downloads/details.aspx?familyid=61b9f234-3d9c-41d4-854d-30ca5e6fd2a6 Microsoft Windows SharePoint Services 3.0 Service Pack 2 (64-bit version): http://www.microsoft.com/downloads/details.aspx?familyid=24265175-635f-4846-afcc-f692d4710707 Microsoft SharePoint Foundation 2010: http://www.microsoft.com/downloads/details.aspx?familyid=4d610646-a0bd-492c-9077-fb2c92588c14 Microsoft SharePoint Foundation 2010 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=4d610646-a0bd-492c-9077-fb2c92588c14 Microsoft Office Web Apps 2010: http://www.microsoft.com/downloads/details.aspx?familyid=f2d1c371-d617-4792-966e-14ae9ed6b8a1 Microsoft Office Web Apps 2010 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=f2d1c371-d617-4792-966e-14ae9ed6b8a1
Ссылки:	MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)

Межсайтовый скриптинг в Microsoft Office SharePoint, InfoPath и Groove

Подпишитесь на email рассылку