Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1860

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2012-1860
Last Modified 13 Aug 2012 11:36:34
Published 10 Jul 2012 05:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-1860

Summary

Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of service (data modification) by changing a parameter in a search-scope URL, aka "SharePoint Search Scope Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office Web Apps 2010

  • Microsoft Sharepoint Server 2007

  • Microsoft Sharepoint Server 2010


References

MS - MS12-050

Related Patches

MS12-050 Security Update for Microsoft InfoPath 2010 32-Bit Edition (KB2553431)

MS12-050 Security Update for Windows SharePoint Services 3.0 (KB2596911)

MS12-050 Security Update for Microsoft SharePoint Server 2010 (KB2553424)

MS12-050 Security Update for Microsoft Web Applications (KB2598239)

MS12-050 Security Update for Microsoft Office SharePoint Server 2007 32-Bit Edition (KB2596663)

MS12-050 Security Update for Microsoft SharePoint Foundation 2010 (KB2553365)

MS12-050 Security Update for Microsoft Groove Server 2010 (KB2589325)

MS12-050 Security Update for Microsoft Office InfoPath 2007 (KB2596786)

MS12-050 Security Update for Microsoft Office 2007 suites (KB2596666)

MS12-050 Security Update for 2010 Microsoft Business Productivity Servers (KB2553194)

MS12-050 Security Update for Microsoft Office SharePoint Server 2007 64-Bit Edition (KB2596663)

MS12-050 Security Update for Windows SharePoint Services 3.0 x64 (KB2596911)

MS12-050 Security Update for Microsoft InfoPath 2010 64-Bit Edition (KB2553322)

MS12-050 Security Update for Microsoft Office SharePoint Server 2007 64-Bit Edition (KB2596942)

MS12-050 Security Update for Microsoft InfoPath 2010 64-Bit Edition (KB2553431)


Last Updated: 27 May 2016 10:54:51