Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1890

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1890
Last Modified 26 Jan 2012 10:59:59
Published 15 Sep 2011 08:26:48
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1890

Summary

Cross-site scripting (XSS) vulnerability in EditForm.aspx in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 allows remote attackers to inject arbitrary web script or HTML via a post, aka "Editform Script Injection Vulnerability."

Vulnerable Systems

Application

  • Microsoft Sharepoint Foundation 2010

  • Microsoft Sharepoint Server 2010


References

CERT - TA11-256A

MS - MS11-074

Related Patches

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 32-Bit Edition (KB2508964)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 32-bit Edition (KB2553003)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 32-bit Edition (KB2553001)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 32-bit Edition (KB2553002)

MS11-074 Security Update for Microsoft Office Forms Server 2007, 32-bit Edition (KB2553005)

MS11-074 Security Update for Microsoft SharePoint Workspace 2010, 32-Bit Edition (KB2566445)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 64-bit Edition (KB2553001)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 64-Bit Edition (KB2508964)

MS11-074 Security Update for Microsoft Office Forms Server 2007, 64-bit Edition (KB2553005)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 64-bit Edition (KB2553003)

MS11-074 Security Update for Microsoft SharePoint Workspace 2010, 64-Bit Edition (KB2566445)

MS11-074 Security Update for Microsoft Office SharePoint Server 2007, 64-bit Edition (KB2553002)


Last Updated: 27 May 2016 10:56:50