Oval Definition:	oval:org.mitre.oval:def:18750
Revision Date: 2015-06-15 Version: 11 Title: Cross-site scripting vulnerability in Microsoft SharePoint (CVE-2013-3179) - MS13-067 Description: Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2013-3179 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 Microsoft SharePoint Services 3.0 Definition Synopsis sharepoint services 3.0 sp3/version Microsoft SharePoint Services 3.0 SP3 is installed AND Check if the version of Onetutil.dll is less than 12.0.6676.5000 OR foundation 2010/version Check if the version of onetutil.dll is less than 14.0.7105.5000 AND foundation 2010 sp1/sp2 Microsoft SharePoint Foundation 2010 Service Pack 1 is installed OR Microsoft SharePoint Foundation 2010 Service Pack 2 is installed OR sharepoint server 2010/version sharepoint server 2010 sp1/sp2 Microsoft SharePoint Server 2010 Service Pack 1 is installed OR Microsoft SharePoint Server 2010 Service Pack 2 is installed AND either files versions Check if the version of microsoft.office.server.native.dll is less than 14.0.7005.1000 OR Check if the version of WdsrvWorker.dll is less than 14.0.6112.5000 OR Check if the version of xlsrv.dll is less than 14.0.7104.5000 (sharepoint server) OR foundation 2013/version Check if the version of Microsoft.office.server.native.dll is less than 15.0.4535.1000 AND Microsoft SharePoint Server 2013 is installed OR sharepoint foundation 2013/version Microsoft SharePoint Foundation 2013 is installed AND Check if the version of Onfda.dll is less than 15.0.4535.1000
BACK