Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4032

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4032
Last Modified 07 Mar 2011 10:11:50
Published 10 Dec 2008 09:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4032

Summary

Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office Sharepoint Server 2007

  • Microsoft Search Server 2008


References

CERT - TA08-344A

VUPEN - ADV-2008-3389

SECTRACK - 1021367

MS - MS08-077

SECUNIA - 33063


Last Updated: 27 May 2016 10:48:22