 | |
| |
| 30 Apr 2010 | #1 |
| | MS SharePoint bug exposes credentials, sensitive data. Quote: Microsoft says it's investigating a security flaw in older versions of its SharePoint Server product that an independent researcher says can easily expose sensitive data and user authentication credentials. The XSS, or cross-site scripting, vulnerability has been confirmed in SharePoint Server 2007 and is likely also present in earlier versions of the content management system software, an advisory from High-Tech Bridge warned. It allows adversaries to inject malicious javascript into the application by appending commands to the address of the targeted system. "The vulnerability exists due to failure in the '/_layouts/help.aspx' script to properly sanitize user-supplied input in 'cid0' variable," the advisory states. "Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data." Microsoft SharePoint bug exposes credentials, sensitive data ? The Register |
My System Specs | |
 |
MS SharePoint bug exposes credentials, sensitive data. problems?
« Cloud Computing: What You Need to Know Before You Start
|
Microsoft investigates SharePoint 2007 zero day »
| Thread Tools | |
| Similar help and support threads for: MS SharePoint bug exposes credentials, sensitive data. | ||||
| Thread | Forum | |||
| Doctor Web exposes 550,000 strong Mac botnet | Security News | |||
| Flash drives dangerously hard to purge of sensitive data | News | |||
| Old QuickTime flaw exposes IE | System Security | |||
| Protecting Sensitive Data with AD RMS. | Chillout Room | |||
| Kaspersky breach exposes sensitive database, hacker claims | System Security | |||
All times are GMT -5. The time now is 02:01 AM.
