First published: Wed Dec 10 2008(Updated: )
Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Office SharePoint Server | =2007 | |
Microsoft Office SharePoint Server | =2007-sp1 | |
Microsoft Office SharePoint Server | =2007 | |
Microsoft Search Server | =2008 | |
Microsoft Office SharePoint Server | =2007-sp1 | |
Microsoft Search Server | =2008 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.