Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.805993
Kategorie:Windows : Microsoft Bulletins
Titel:MS SharePoint Server and Foundation Multiple Vulnerabilities (3096440)
Zusammenfassung:This host is missing an important security; update according to Microsoft Bulletin MS15-110.
Beschreibung:Summary:
This host is missing an important security
update according to Microsoft Bulletin MS15-110.

Vulnerability Insight:
Multiple flaws are due to:

- An error in the SharePoint InfoPath Forms Services improperly parses the
Document Type Definition (DTD) of an XML file.

- An error as SharePoint does not enforce the appropriate permission level
for an application or user.

- An error when an Office Web Apps Server does not properly sanitize a specially
crafted request.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to perform cross-site scripting attacks on affected systems, bypass
security restrictions and gain access to sensitive information.

Affected Software/OS:
- Microsoft SharePoint Server 2007 Service Pack 3

- Microsoft SharePoint Server 2010 Service Pack 2

- Microsoft SharePoint Server 2013 Service Pack 1 and

- Microsoft SharePoint Foundation 2013 Service Pack 1

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-2556
Microsoft Security Bulletin: MS15-110
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110
http://www.securitytracker.com/id/1033804
Common Vulnerability Exposure (CVE) ID: CVE-2015-6039
Common Vulnerability Exposure (CVE) ID: CVE-2015-6037
http://www.securitytracker.com/id/1033803
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.