Oval Definition:	oval:org.mitre.oval:def:5774
Revision Date: 2011-12-05 Version: 3 Title: Access Control Vulnerability Description: Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-4032 Platform(s): Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Product(s): Microsoft Office SharePoint Server 2007 Microsoft Search Server 2008 Definition Synopsis Check for Office SharePoint Server 2007 or Search Server 2008 Microsoft Office SharePoint Server 2007 is installed. OR Microsoft Search Server 2008 is installed AND the version of Mssdmn.exe is less than 12.0.6318.5000
BACK