Microsoft Office SharePoint Server Security Bypass Vulnerability (10 December 2008)

Last Update Date: 28 Jan 2011 Release Date: 10 Dec 2008 4486 Views

RISK: Medium Risk

An elevation of privilege vulnerability exists in Microsoft Office SharePoint Server 2007 and Microsoft Office SharePoint Server 2007 Service Pack 1. The vulnerability could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. A successful attack leading to elevation of privilege could result in denial of service or information disclosure.

Impact

Elevation of Privilege

System / Technologies affected

Microsoft Office SharePoint Server 2007
Microsoft Search Server 2008

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch

Microsoft Office SharePoint Server 2007 (32-bit editions)

Microsoft Office SharePoint Server 2007 Service Pack 1 (32-bit editions)

Microsoft Office SharePoint Server 2007 (64-bit editions)

Microsoft Office SharePoint Server 2007 Service Pack 1 (64-bit editions)

Microsoft Search Server 2008 (32-bit editions)

Microsoft Search Server 2008 (64-bit editions)

Vulnerability Identifier

CVE-2008-4032

Source

Related Link

Share with

Microsoft Office Word Multiple Code Execution Vulnerabilities (10 December 2008)

10 Dec 2008 4565 Views

Microsoft Office Excel Multiple Code Execution Vulnerabilities (10 December 2008)

10 Dec 2008 4421 Views