Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:INFO-LEAK:SHAREPOINT-INFO |
|---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Microsoft SharePoint Server Information Disclosure Vulnerability |
Release Date |
2011/09/12 |
Update Number |
1992 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft SharePoint Server Information Disclosure Vulnerability
This signature detects attempts to exploit a known vulnerability against Microsoft SharePoint Server. A successful attack can result in the attacker gaining unauthorized information about the target system without the victim's knowledge.
Extended Description
Microsoft SharePoint is prone to a vulnerability that lets attackers access local files. An attacker can exploit this vulnerability to retrieve local files from a vulnerable computer in the context of the vulnerable service. Information obtained may aid in further attacks.
Affected Products
- Microsoft groove_2007 SP2
- Microsoft groove_server_2010 SP1
- Microsoft groove_server_2010
- Microsoft office_forms_server_2007 SP2
- Microsoft office_groove_data_bridge_server_2007 SP2
- Microsoft office_groove_management_server_2007 SP2
- Microsoft office_web_apps_2010 SP1
- Microsoft office_web_apps_2010
- Microsoft sharepoint_foundation_2010
- Microsoft sharepoint_server_2007 SP2
- Microsoft sharepoint_server_2007_x64 SP2
- Microsoft sharepoint_server_2010 SP1
- Microsoft sharepoint_server_2010_enterprise_edition
- Microsoft sharepoint_server_2010_standard_edition
- Microsoft sharepoint_services 3.0 SP2
- Microsoft sharepoint_services_64-bit 3.0 SP2
- Microsoft sharepoint_workspace_2010 SP1
- Microsoft sharepoint_workspace_2010
References
- BugTraq: 49511
- CVE: CVE-2011-1892