The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft Office SharePoint Server

computer vulnerability alert CVE-2017-11934 CVE-2017-11935 CVE-2017-11936

Microsoft Office: vulnerabilities of December 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Microsoft OCS, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 13/12/2017.
Identifiers: CERTFR-2017-AVI-466, CVE-2017-11934, CVE-2017-11935, CVE-2017-11936, CVE-2017-11939, VIGILANCE-VUL-24756.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-11876

Microsoft SharePoint Enterprise Server 2016: privilege escalation

Synthesis of the vulnerability

An attacker can bypass restrictions of Microsoft SharePoint Enterprise Server 2016, in order to escalate his privileges.
Impacted products: MOSS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Creation date: 15/11/2017.
Identifiers: CERTFR-2017-AVI-408, CVE-2017-11876, VIGILANCE-VUL-24439.

Description of the vulnerability

An attacker can bypass restrictions of Microsoft SharePoint Enterprise Server 2016, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-11854 CVE-2017-11877 CVE-2017-11878

Microsoft Office: vulnerabilities of november 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: CERTFR-2017-AVI-408, CVE-2017-11854, CVE-2017-11877, CVE-2017-11878, CVE-2017-11882, CVE-2017-11884, VIGILANCE-VUL-24438, VU#421280, ZDI-17-915, ZDI-17-929.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11775 CVE-2017-11777 CVE-2017-11820

Microsoft SharePoint Enterprise Server: vulnerabilities of October 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: MOSS.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 11/10/2017.
Identifiers: CVE-2017-11775, CVE-2017-11777, CVE-2017-11820, CVE-2017-11826, VIGILANCE-VUL-24092.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-8567 CVE-2017-8629 CVE-2017-8630

Microsoft Office/SharePoint: vulnerabilities of September 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 14.
Creation date: 13/09/2017.
Identifiers: CERTFR-2017-AVI-294, CERTFR-2017-AVI-297, CVE-2017-8567, CVE-2017-8629, CVE-2017-8630, CVE-2017-8631, CVE-2017-8632, CVE-2017-8676, CVE-2017-8682, CVE-2017-8695, CVE-2017-8696, CVE-2017-8725, CVE-2017-8742, CVE-2017-8743, CVE-2017-8744, CVE-2017-8745, VIGILANCE-VUL-23824, ZDI-17-727, ZDI-17-730, ZDI-17-732.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-8654

Microsoft SharePoint Server 2010: information disclosure via Spoofing

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Microsoft SharePoint Server 2010, in order to obtain sensitive information.
Impacted products: MOSS.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet server.
Creation date: 09/08/2017.
Identifiers: CERTFR-2017-AVI-260, CVE-2017-8654, VIGILANCE-VUL-23479.

Description of the vulnerability

An attacker can bypass access restrictions to data of Microsoft SharePoint Server 2010, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2017-0243 CVE-2017-8501 CVE-2017-8502

Microsoft Office/SharePoint: vulnerabilities of July 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Office and SharePoint.
Impacted products: Office, Excel, MOSS.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 8.
Creation date: 12/07/2017.
Identifiers: CERTFR-2017-AVI-208, CERTFR-2017-AVI-241, CVE-2017-0243, CVE-2017-8501, CVE-2017-8502, CVE-2017-8569, CVE-2017-8570, CVE-2017-8571, CVE-2017-8572, CVE-2017-8663, VIGILANCE-VUL-23203.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-8506 CVE-2017-8507 CVE-2017-8508

Microsoft Office: vulnerabilities of June 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Office.
Impacted products: Office, Excel, OneNote, Outlook, PowerPoint, MOSS, Word.
Severity: 4/4.
Consequences: client access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 10.
Creation date: 14/06/2017.
Identifiers: CERTFR-2017-AVI-177, CVE-2017-8506, CVE-2017-8507, CVE-2017-8508, CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-8513, CVE-2017-8514, CVE-2017-8545, VIGILANCE-VUL-22965.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-0254 CVE-2017-0255 CVE-2017-0281

Microsoft SharePoint: vulnerabilities of May 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft SharePoint.
Impacted products: MOSS.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 10/05/2017.
Identifiers: CVE-2017-0254, CVE-2017-0255, CVE-2017-0281, VIGILANCE-VUL-22686.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-0195

Microsoft SharePoint Server: vulnerabilities of April 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: MOSS.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user account.
Creation date: 12/04/2017.
Identifiers: CVE-2017-0195, VIGILANCE-VUL-22414.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Microsoft Office SharePoint Server: