Oval Definition:	oval:org.mitre.oval:def:15265
Revision Date: 2012-08-27 Version: 4 Title: SharePoint Search Scope Vulnerability - MS12-050 Description: Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of service (data modification) by changing a parameter in a search-scope URL, aka "SharePoint Search Scope Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-1860 Platform(s): Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Definition Synopsis sharepoint server 2007 Check if the version of Microsoft.sharepoint.publishing.dll is less than 12.0.6660.5000 AND sharepoint server 2007 sp2/sp3 Microsoft Office SharePoint Server 2007 SP2 is installed OR Microsoft Office SharePoint Server 2007 SP3 is installed OR sharepoint server 2010 Check if the version of Microsoft.office.server.native.dll is less than 14.0.6108.5000 AND sharepoint server 2010/sp1 Microsoft SharePoint Server 2010 Service Pack 1 is installed OR Microsoft Office SharePoint Server 2010 is installed.
BACK