ID de Prueba:	1.3.6.1.4.1.25623.1.0.805993
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft SharePoint Server and Foundation Multiple Vulnerabilities (3096440)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS15-110.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-110. Vulnerability Insight: Multiple flaws are due to: - An error in the SharePoint InfoPath Forms Services improperly parses the Document Type Definition (DTD) of an XML file. - An error as SharePoint does not enforce the appropriate permission level for an application or user. - An error when an Office Web Apps Server does not properly sanitize a specially crafted request. Vulnerability Impact: Successful exploitation will allow remote attackers to perform cross-site scripting attacks on affected systems, bypass security restrictions and gain access to sensitive information. Affected Software/OS: - Microsoft SharePoint Server 2007 Service Pack 3 - Microsoft SharePoint Server 2010 Service Pack 2 - Microsoft SharePoint Server 2013 Service Pack 1 and - Microsoft SharePoint Foundation 2013 Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2556 Microsoft Security Bulletin: MS15-110 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110 http://www.securitytracker.com/id/1033804 Common Vulnerability Exposure (CVE) ID: CVE-2015-6039 Common Vulnerability Exposure (CVE) ID: CVE-2015-6037 http://www.securitytracker.com/id/1033803
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.