Microsoft SharePoint Server 2010 / Foundation 2010 Multiple
Microsoft SharePoint Server 2010 / Foundation 2010 Multiple Vulnerabilities
Release Date: 2013-03-12
Criticality level : Moderately critical
Impact : Security Bypass
Cross Site Scripting
Exposure of system information
Where : From remote
Solution Status : Vendor Patch
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Server 2010
Multiple vulnerabilities have been reported in Microsoft Sharepoint Server 2010 and Foundation 2010, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain system information, and cause a DoS (Denial of Service).
1) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. gain knowledge otherwise restricted content when a user visits a specially crafted web page.
2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
3) Certain unspecified input is not properly verified before being used. This can be exploited to disclose certain system data via directory traversal sequences.
This vulnerability affects Microsoft SharePoint Server 2010 only.
4) An error related to the W3WP process when handling URLs can be exploited to cause a buffer overflow and subsequently terminate the W3WP process via a specially crafted URL.
Provided and/or discovered by:
1) The vendor credits Emanuel Bronshtein, BugSec.
2) The vendor credits Sunil Yadav, INR Labs (Network Intelligence India).
3) The vendor credits Moritz Jodeit, n.runs AG.
4) Reported by the vendor.
MS13-024 (KB2553407, KB2687418, KB2780176):
Was this reply helpful? (0) (0)