Oval Definition:	oval:org.mitre.oval:def:18991
Revision Date: 2014-12-08 Version: 5 Title: Parameter injection vulnerability in Microsoft SharePoint (CVE-2013-3895) - MS13-084 Description: Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to conduct clickjacking attacks via a crafted web page, aka "Parameter Injection Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2013-3895 Platform(s): Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2007 Microsoft SharePoint Services 3.0 Definition Synopsis foundation 2010/version foundation 2010 sp1/sp2 Microsoft SharePoint Foundation 2010 Service Pack 1 is installed OR Microsoft SharePoint Foundation 2010 Service Pack 2 is installed OR Microsoft SharePoint Server 2010 Service Pack 1 is installed OR Microsoft SharePoint Server 2010 Service Pack 2 is installed AND Check if the version of Onetutil.dll is less than 14.0.7106.5002 OR sharepoint services 3.0 sp3/version SharePoint 2007 SP3/SharePoint Services 3.0 SP3 Microsoft Office SharePoint Server 2007 SP3 is installed OR Microsoft SharePoint Services 3.0 SP3 is installed AND Check if the version of Onetutil.dll is less than 12.0.6676.5000
BACK