Oval Definition:	oval:org.mitre.oval:def:15544
Revision Date: 2014-12-08 Version: 6 Title: SharePoint Script in Username Vulnerability - MS12-050 Description: Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "SharePoint Script in Username Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-1861 Platform(s): Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Product(s): Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2010 Definition Synopsis sharepoint server 2010 Check if the version of Microsoft.office.server.native.dll is less than 14.0.6108.5000 AND sharepoint server 2010/sp1 Microsoft SharePoint Server 2010 Service Pack 1 is installed OR Microsoft Office SharePoint Server 2010 is installed. OR sharepoint foundation 2010 Check if the version of Onfda.dll is less than 14.0.6106.5000 AND sharepoint foundation 2010/sp1 Microsoft SharePoint Foundation 2010 Service Pack 1 is installed OR Microsoft SharePoint Foundation 2010 is installed
BACK