The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SharePoint Server

Microsoft SharePoint Server: Cross Site Scripting via help.aspx
An attacker can use the help page of Microsoft SharePoint Server, in order to generate a Cross Site Scripting...
2028554, 983438, BID-39776, CVE-2010-0817, MS10-039, VIGILANCE-VUL-9620
Excel: several vulnerabilities
An attacker can invite the victim to open a malicious Excel document, in order to execute code on his computer...
980150, BID-38547, BID-38550, BID-38551, BID-38552, BID-38553, BID-38554, BID-38555, CERTA-2010-AVI-115, CORE-2009-1103, CVE-2010-0257, CVE-2010-0258, CVE-2010-0260, CVE-2010-0261, CVE-2010-0262, CVE-2010-0263, CVE-2010-0264, MS10-017, VIGILANCE-VUL-9508, ZDI-10-025
Microsoft SharePoint: Cross Site Scripting
An attacker allowed to upload a malicious content to Microsoft SharePoint can create a Cross Site Scripting...
CVE-2008-5026, VIGILANCE-VUL-8245
Microsoft SharePoint Server: reading ASPX files
An attacker can obtain the source code of some pages hosted on Microsoft Office SharePoint Server...
976829, BID-36817, CVE-2009-3830, VIGILANCE-VUL-9126
Excel: several vulnerabilities
Several Excel vulnerabilities can be used by an attacker to execute code on computers of victims accepting to open a malicious file...
969462, BID-35215, BID-35241, BID-35242, BID-35243, BID-35244, BID-35245, BID-35246, CERTA-2009-AVI-216, CVE-2009-0549, CVE-2009-0557, CVE-2009-0558, CVE-2009-0559, CVE-2009-0560, CVE-2009-0561, CVE-2009-1134, FSC20090609-01, MS09-021, VIGILANCE-VUL-8777, ZDI-09-040
Microsoft Office SharePoint: access to the administration interface
An attacker can access to a part of the administration interface of Microsoft Office SharePoint...
957175, BID-32638, CERTA-2008-AVI-591, CVE-2008-4032, MS08-077, VIGILANCE-VUL-8309
Excel: three vulnerabilities
An attacker can create a malicious Excel file and invite the victim to open it in order to execute code on his computer...
956416, BID-31702, BID-31705, BID-31706, CERTA-2008-AVI-498, CVE-2008-3471, CVE-2008-3477, CVE-2008-4019, MS08-057, VIGILANCE-VUL-8165, ZDI-08-068
Windows, Office: several vulnerabilities of GDI
A local or remote attacker can create malicious programs or images in order to generate a denial of service or code execution on victim's computer...
954593, BA565, BID-31018, BID-31019, BID-31020, BID-31021, BID-31022, CERTA-2008-AVI-449, CVE-2007-5348, CVE-2008-3012, CVE-2008-3013, CVE-2008-3014, CVE-2008-3015, FSC20080909-12, MS08-052, VIGILANCE-VUL-8097
MS Excel: remote code execution via record
An attacker can create a malicious spreadsheet, in order to execute code...
954066, CVE-2008-3006, MS08-043, VIGILANCE-VUL-8019
Windows SharePoint: JavaScript injection
An authenticated attacker can inject JavaScript code in Windows SharePoint Services...
BID-28706, CAU-2008-0002, VIGILANCE-VUL-7751
Our database contains other pages. You can request a free trial to read them.

Display information about SharePoint Server: