The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of MOSS

vulnerability bulletin CVE-2013-3889 CVE-2013-3895

Microsoft SharePoint: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft SharePoint.
Impacted products: MOSS.
Severity: 3/4.
Consequences: administrator access/rights, user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/10/2013.
Identifiers: 2885089, BID-62800, BID-62829, CERTA-2013-AVI-563, CVE-2013-3889, CVE-2013-3895, MS13-084, VIGILANCE-VUL-13563.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft SharePoint.

An attacker can generate a memory corruption via an Excel document, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-62829, CVE-2013-3889]

An attacker can use a ClickJacking, in order to escalate his privileges. [severity:2/4; BID-62800, CVE-2013-3895]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2013-0081 CVE-2013-1315 CVE-2013-1330

Microsoft SharePoint Server: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft SharePoint Server.
Impacted products: Office, Excel, MOSS, Word.
Severity: 4/4.
Consequences: administrator access/rights, user access/rights, client access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 10.
Creation date: 10/09/2013.
Identifiers: 2834052, BID-62165, BID-62168, BID-62169, BID-62205, BID-62221, BID-62224, BID-62226, BID-62227, BID-62254, CERTA-2013-AVI-512, CVE-2013-0081, CVE-2013-1315, CVE-2013-1330, CVE-2013-3179, CVE-2013-3180, CVE-2013-3847, CVE-2013-3848, CVE-2013-3849, CVE-2013-3857, CVE-2013-3858, MS13-067, VIGILANCE-VUL-13397.

Description of the vulnerability

Several vulnerabilities were announced in Microsoft SharePoint Server.

An attacker can use a malicious url, in order to trigger a denial of service. [severity:2/4; BID-62205, CVE-2013-0081]

An attacker can generate a memory corruption with an Excel file, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2013-1315]

When Viewstate MAC is disabled, an attacker can use an unassigned workflow, in order to execute code. [severity:4/4; BID-62221, CVE-2013-1330]

An attacker can trigger a Cross Site Scripting, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-62227, CVE-2013-3179]

An attacker can trigger a Cross Site Scripting via a POST query, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-62254, CVE-2013-3180]

An attacker can generate a memory corruption via a Word file, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-62165, CVE-2013-3847]

An attacker can generate a memory corruption via a Word file, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-62168, CVE-2013-3848]

An attacker can generate a memory corruption via a Word file, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-62169, CVE-2013-3849]

An attacker can generate a memory corruption via a Word file, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-62224, CVE-2013-3857]

An attacker can generate a memory corruption via a Word file, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-62226, CVE-2013-3858]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2013-1289

Microsoft SharePoint Server, InfoPath: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Microsoft SharePoint Server 2010, in order to execute JavaScript code in the context of the web site.
Impacted products: Office, InfoPath, MOSS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 09/04/2013.
Identifiers: 2821818, BID-58883, CERTA-2013-AVI-232, CVE-2013-1289, MS13-035, VIGILANCE-VUL-12640.

Description of the vulnerability

The web service of Microsoft SharePoint Server hosts users' data.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in Microsoft SharePoint Server 2010, in order to execute JavaScript code in the context of the web site.

Note: Microsoft InfoPath 2010 contains the vulnerable component, but it cannot be used as an attack vector.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2013-1290

Microsoft SharePoint Server: information disclosure

Synthesis of the vulnerability

An authenticated attacker can access to some documents of Microsoft SharePoint Server, which should be protected by an access control.
Impacted products: MOSS.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 09/04/2013.
Identifiers: 2827663, BID-58844, CERTA-2013-AVI-227, CVE-2013-1290, MS13-030, VIGILANCE-VUL-12635.

Description of the vulnerability

The Microsoft SharePoint Server 2013 service can be installed as a migration from version 2010.

However, in this case, access controls are not applied on some lists.

An authenticated attacker can therefore access to some documents of Microsoft SharePoint Server, which should be protected by an access control.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-0080 CVE-2013-0083 CVE-2013-0084

Microsoft SharePoint Server 2010: four vulnerabilities

Synthesis of the vulnerability

A remote attacker can use four vulnerabilities of Microsoft SharePoint Server 2010, in order to elevate his privileges.
Impacted products: MOSS.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 12/03/2013.
Identifiers: 2780176, BID-58367, BID-58370, BID-58371, BID-58372, CERTA-2013-AVI-180, CVE-2013-0080, CVE-2013-0083, CVE-2013-0084, CVE-2013-0085, MS13-024, VIGILANCE-VUL-12513.

Description of the vulnerability

Four vulnerabilities were announced in Microsoft SharePoint Server 2010.

An attacker can read or delete data. [severity:3/4; BID-58371, CVE-2013-0080]

An attacker can trigger a Cross Site Scripting, in order to perform operations on the server, with victim's privileges. [severity:3/4; BID-58367, CVE-2013-0083]

An attacker can use a special url, in order to access to the content of other directories. [severity:3/4; BID-58370, CVE-2013-0084]

An attacker can use a special url, to trigger a buffer overflow, in order to stop the W3WP process. [severity:2/4; BID-58372, CVE-2013-0085]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-0393 CVE-2013-0418

Oracle Outside In Technology: several vulnerabilities of January 2013

Synthesis of the vulnerability

Several vulnerabilities of Oracle Outside In Technology are fixed by the CPU of January 2013.
Impacted products: McAfee Email and Web Security, GroupShield, McAfee Security for Email Servers, Exchange, MOSS, Oracle OIT, Symantec Enterprise Vault.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 16/01/2013.
Revision date: 18/01/2013.
Identifiers: 2809279, BID-57357, BID-57364, CERTA-2013-AVI-041, CERTA-2013-AVI-116, cpujan2013, CVE-2013-0393, CVE-2013-0418, MS13-012, VIGILANCE-VUL-12333, ZDI-13-001.

Description of the vulnerability

A Critical Patch Update fixes several vulnerabilities of Oracle Outside In Technology. These libraries are used by several products, which are thus also impacted by these vulnerabilities.

An attacker can create malicious Paradox data, in order to force the vspdx.dll library to read at an invalid memory address, which leads to a denial of service. [severity:2/4; BID-57357, CVE-2013-0393]

An attacker can create malicious Paradox data, in order to trigger a buffer overflow in the vspdx.dll library, which can lead to code execution. [severity:3/4; BID-57364, CVE-2013-0418]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2013-0006 CVE-2013-0007

Windows, IE, Office, SharePoint: code execution via Microsoft XML Core Services

Synthesis of the vulnerability

An attacker can invite the victim to open a malformed XML document, with an application using Microsoft XML Core Services, in order to corrupt the memory, and to execute code.
Impacted products: Office, Access, Excel, Microsoft FrontPage, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/01/2013.
Identifiers: 2756145, BID-57116, BID-57122, CERTA-2013-AVI-011, CVE-2013-0006, CVE-2013-0007, MS13-002, VIGILANCE-VUL-12310.

Description of the vulnerability

The Microsoft XML Core Services (MSXML) library is used by Microsoft applications which process XML data. It is impacted by two vulnerabilities.

An attacker can use XML data which truncates an integer, and corrupts the memory. [severity:4/4; BID-57116, CVE-2013-0006]

An attacker can use XSLT (Extensible Stylesheet Language Transformations) data which corrupt the memory. [severity:4/4; BID-57122, CVE-2013-0007]

An attacker can therefore invite the victim to open a malformed XML document, with an application using Microsoft XML Core Services (such as Internet Explorer), in order to corrupt the memory, and to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2012-3214 CVE-2012-3217

Oracle Outside In Technology: several vulnerabilities of October 2012

Synthesis of the vulnerability

Several vulnerabilities of Oracle Outside In Technology are corrected by the CPU of October 2012.
Impacted products: McAfee Email and Web Security, GroupShield, McAfee Security for Email Servers, Exchange, MOSS, Oracle OIT, Symantec Enterprise Vault.
Severity: 2/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 17/10/2012.
Identifiers: 2784242, BID-55977, BID-55993, CERTA-2012-AVI-578, CERTA-2013-AVI-117, cpuoct2012, CVE-2012-3214, CVE-2012-3217, MS13-013, PRL-2012-30, VIGILANCE-VUL-12076.

Description of the vulnerability

A Critical Patch Update corrects several vulnerabilities of Oracle Outside In Technology. These libraries are used by several products, which are thus also impacted by these vulnerabilities.

An attacker can create a malicious JPG image, which generates an error in the ibjpg2.flt filter, in order to create a denial of service. [severity:2/4; BID-55977, CVE-2012-3214, PRL-2012-30]

An attacker can use a vulnerability of Outside In HTML Export SDK, in order to create a denial of service. [severity:2/4; BID-55993, CVE-2012-3217]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2012-2520

Microsoft InfoPath, Communicator, Lync, SharePoint: privilege elevation via HTML Sanitization

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious HTML document with Microsoft InfoPath, Communicator, Lync or SharePoint, in order to execute JavaScript code with victim's privileges.
Impacted products: Lync, Office, Office Communicator, InfoPath, MOSS.
Severity: 3/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 09/10/2012.
Identifiers: 2741517, BID-55797, CERTA-2012-AVI-556, CVE-2012-2520, MS12-066, VIGILANCE-VUL-12046.

Description of the vulnerability

The HTML Sanitization component purges HTML code, in order to suppress JavaScript code for example. An HTML document coming from an untrusted source, can then be displayed by a service. This component is incorporated in several Microsoft products.

However, in some cases, the JavaScript code is not filtered. It is then run in the context of the web site where it is displayed, and with privileges of the user authenticated on the site.

An attacker can therefore invite the victim to display a malicious HTML document with Microsoft InfoPath, Communicator, Lync or SharePoint, in order to execute JavaScript code with victim's privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2012-0182 CVE-2012-2528

Word: code execution via RTF

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious RTF file with Word, in order to execute code on his computer.
Impacted products: Office, MOSS, Word.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/10/2012.
Identifiers: 2742319, BID-55780, BID-55781, CERTA-2012-AVI-554, CVE-2012-0182, CVE-2012-2528, MS12-064, VIGILANCE-VUL-12044, ZDI-12-201.

Description of the vulnerability

The Microsoft Word software supports RTF (Rich Text Format) documents. However, when Word opens a malicious RTF document, two vulnerabilities can be exploited.

A document with a malicious PAPX section corrupts the memory. [severity:3/4; BID-55780, CVE-2012-0182, ZDI-12-201]

A document with a malformed "listid" field forces the usage of a freed memory area. [severity:3/4; BID-55781, CVE-2012-2528]

An attacker can therefore invite the victim to open a malicious RTF file, in order to execute code on his computer.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about MOSS: