Vulnerability In Microsoft Office SharePoint Server Could Cause Elevation Of Privilege (957175) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS08-077.

Impact

Successful attack result in bypassing certain security restrictions by using web browser to directly access the vulnerable administrative functionality. Impact Level: Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-077.mspx

Insight

The flaw is due to SharePoint Server does not properly restrict access to administrative portions of the application.

Affected

Microsoft Search Server 2008 Microsoft Office SharePoint Server

References

http://www.microsoft.com/technet/security/bulletin/ms08-077.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-4032

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Microsoft IIS Security Bypass Vulnerability (970483)
ADODB.Stream object from Internet Explorer (KB870669)
Cumulative Security Update for Internet Explorer (953838)
Microsoft .NET Framework Multiple Vulnerabilities (2916607)
Microsoft DirectAccess Security Advisory (2862152)

Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)

Take action and discover your vulnerabilities