Download
| Alert*
|
oval:org.secpod.oval:def:6356
SharePoint Server 2007 SP3 is installed. oval:org.secpod.oval:def:6355 SharePoint Server 2007 SP2 is installed. oval:org.mitre.oval:def:2313 Microsoft Office SharePoint Server 2007 is installed. oval:org.mitre.oval:def:2286 Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in "every main page," as demonstrated by default.a ... oval:org.secpod.oval:def:23797 The host is installed with Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold or SP1, Word 2013 Gold or SP1, Office 2013 RT Gold or SP1, Word 2013 RT Gold or SP1, Excel Viewer, Office C ... oval:org.secpod.oval:def:23792 The host is missing a critical security update according to Microsoft security bulletin, MS15-022. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:24275 The host is installed with Microsoft Sharepoint Server 2007, 2010, Sharepoint Foundation 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle specially crafted page content. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:24276 The host is missing an important security update according to Microsoft security bulletin, MS15-047. The update is required to fix remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted page content. Successful exploitation could allo ... oval:org.secpod.oval:def:25360 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 and is prone to a me ... oval:org.secpod.oval:def:25359 The host is missing an important security update according to Microsoft security bulletin, MS15-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted office files. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:33821 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, SharePoint Server 2007 or SharePoint Server 2010 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who succe ... oval:org.mitre.oval:def:8407 Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers du ... oval:org.secpod.oval:def:1356 The host is missing a critical security update according to Microsoft security bulletin, MS10-104. The update is required to fix remote code execution vulnerability. A flaw is present in the Document Conversions Launcher Service in Microsoft Office SharePoint Server, which fails to handle crafted SO ... oval:org.secpod.oval:def:3091 The host is missing an important security update according to Microsoft security bulletin, MS08-077. The update is required to fix elevation of privilege vulnerability. A flaw is present in Microsoft Office SharePoint Server, which fails to handle an administrative URL on a SharePoint site. Successf ... oval:org.secpod.oval:def:18563 The host is missing a critical security update according to Microsoft bulletin, MS14-022. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate certain conditions. Successful exploitation allows attackers to run arbitrary c ... oval:org.secpod.oval:def:18570 The host is installed with SharePoint Server 2013 Client Components SDK, Microsoft SharePoint Designer 2007 SP3, 2010 SP1, SP2, 2013, SP1, Microsoft Office Web Apps Server 2013, SP1, Microsoft Windows SharePoint Services 3.0 SP3, SharePoint Server 2007, 2010 SP1, SP2, 2013, Microsoft SharePoint Foun ... oval:org.secpod.oval:def:39335 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:2268 The host is installed with Microsoft Office Web Apps 2010 or SP1 or Microsoft SharePoint Foundation 2010 or Microsoft Windows SharePoint Services 3.0 Service Pack 2 or Microsoft Groove Server 2010 or SP1 or Microsoft Office SharePoint Server 2010 or SP1 or Microsoft Office SharePoint Server 2007 SP ... oval:org.secpod.oval:def:7318 The host is installed with Microsoft Office Web Apps 2010, Microsoft SharePoint Foundation 2010 Service Pack 1, Microsoft Windows SharePoint Services 3.0 Service Pack 2, Microsoft Groove Server 2010 Service Pack 1, Microsoft SharePoint Server 2010 Service Pack 1, Microsoft SharePoint Server 2007 Se ... oval:org.secpod.oval:def:7319 The host is missing an important security update according to Microsoft security bulletin, MS12-066. The update is required to fix elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly validate the HTML strings. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:2260 The host is missing an important security update according to Microsoft security bulletin, MS11-072. The update is required to fix multiple remote code execution vulnerabilities. Multiple flaws are present in the applications, which fail to properly handle different crafted excel files. Successful e ... oval:org.secpod.oval:def:15657 The host is installed with Microsoft Excel SP3, Office 2007 SP3, Office 2010 SP1/SP2, Office 2013, Excel Viewer 2007, Office Compatibility Pack SP3, Office Web Apps 2010,SharePoint Server 2007 SP3, SharePoint Server 2010 SP1/SP2, SharePoint Server 2013 and is prone to remote code execution vulnerabi ... oval:org.secpod.oval:def:2632 The host is missing an important security update according to Microsoft bulletin, MS08-043. The update is required to fix a remote code execution vulnerability. The flaws are present in the Excel parses record values, index values and array index when loading Excel files into memory and when data co ... oval:org.secpod.oval:def:2369 The host is missing a critical security update according to Microsoft security bulletin, MS09-021. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Office Excel, which fails to handle a specially crafted Excel file that includes a malformed ... oval:org.mitre.oval:def:6102 Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP ... oval:org.mitre.oval:def:5774 Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts tha ... oval:org.secpod.oval:def:15674 The host is missing a critical security update according to Microsoft bulletin, MS13-084. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improperly validates inputs. Successful exploitation allows a ... oval:org.secpod.oval:def:15676 The host is installed with Microsoft SharePoint Server 2007 SP3 or before, SharePoint Foundation 2010 or Microsoft SharePoint Services 3.0 and is prone to remote code execution vulnerability. The flaw is present in the applications, which fail to properly properly handle objects in memory while pars ... oval:org.secpod.oval:def:2257 The host is installed with Microsoft Excel 2003 ,Microsoft Excel 2007 ,Microsoft Office 2007 , Microsoft Excel 2010, Microsoft Excel Viewer , Microsoft Office Compatibility Pack, Excel Services installed on Microsoft Office SharePoint Server 2007, Excel Services installed on Microsoft Office SharePo ... oval:org.mitre.oval:def:11737 Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malf ... oval:org.secpod.oval:def:2259 The host is installed with Microsoft Excel 2003 ,Microsoft Excel 2007 ,Microsoft Office 2007 , Microsoft Excel 2010,Microsoft Excel Viewer, Microsoft Office Compatibility Pack , Excel Services installed on Microsoft Office SharePoint Server 2007 , Excel Services installed on Microsoft Office SharePo ... oval:org.secpod.oval:def:30012 The host is installed with Microsoft SharePoint Server 2007 or 2010 and is prone to an information disclosure vulnerability. A flaw present in the applications, which fail to properly parse the Document Type Definition (DTD) of an XML file. Successful exploitation could allow attackers to browse the ... oval:org.secpod.oval:def:39342 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.mitre.oval:def:5561 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country reco ... oval:org.mitre.oval:def:5925 Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office ... oval:org.secpod.oval:def:33823 The host is missing an important security update according to Microsoft security bulletin, MS16-042. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:32922 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer 2007, SharePoint Server 2007, SharePoint Server 2010, SharePoint Server 2013 or Web Apps 2010 and is prone to a memory corruption vulnerability. A flaw is pres ... oval:org.secpod.oval:def:31391 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer or Excel Services on SharePoint Server 2007 SP3, 2010 SP2 or 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, ... oval:org.secpod.oval:def:30006 The host is missing an important security update according to Microsoft security bulletin, MS15-110. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted Microsoft Office file. Successful exploi ... oval:org.secpod.oval:def:30009 The host is installed with Microsoft Excel 2007, 2010, 2013, 2016, Office Compatibility pack, Excel Viewer 2007, Sharepoint Server 2007, 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:38338 The host is installed with Microsoft Excel 2007, 2010, 2013, 2016, Office Compatibility Pack, Excel Viewer 2007, Sharepoint Server 2007 or 2010 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to properly initialize affected variables. Succe ... oval:org.secpod.oval:def:32926 The host is missing a critical security update according to Microsoft security bulletin, MS16-015. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted office file. Successful exploitation allows attackers to corrupt ... oval:org.secpod.oval:def:39346 The host is missing an important security update according to Microsoft security bulletin, MS17-002. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbi ... oval:org.secpod.oval:def:37073 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:37078 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:37084 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:38336 The host is missing a critical security update according to Microsoft security bulletin, MS16-148. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle a specially crafted Microsoft Office file. Successful exploitation could allow a ... oval:org.secpod.oval:def:37082 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:42104 The host is missing an important security update KB3191831 oval:org.secpod.oval:def:42055 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:15685 The host is installed with Microsoft Windows SharePoint Server 2007 SP3, SharePoint Server 2010 SP1, SP2, Office Web Apps 2010 SP1 or SP2 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory while parsing speciall ... oval:org.secpod.oval:def:15677 The host is missing a critical security update according to Microsoft bulletin, MS13-067. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improperly validates inputs. Successful exploitation allows a ... oval:org.secpod.oval:def:8352 The host is missing a critical security update according to MS13-002. The update is required to fix multiple MSXML vulnerabilities. The flaws are present in the applications, which fail to properly handle XML content. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:6199 The host is missing a critical security update according to Microsoft security bulletin, MS12-043. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted webpage. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:6037 The host is installed with Internet Explorer 8 and 9 or Microsoft Communicator 2007 R2 or Lync 2010 or Lync 2010 Attendee Microsoft InfoPath 2007 or 2010, Microsoft SharePoint Server 2007 or 2010, Microsoft SharePoint Foundation 2010, Microsoft SharePoint Services 3.0 or Microsoft Groove Server 2010 ... oval:org.secpod.oval:def:6378 The host is missing an important security update according to Microsoft bulletin, MS12-050. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted URLs. Successful exploitation results in elevation of privilege or information d ... oval:org.secpod.oval:def:6375 The host is installed with Microsoft SharePoint Server 2007 or SharePoint Services 3.0 or SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present in the applications, which fail to properly handle malicious JavaScript elements contained within a specially c ... oval:org.secpod.oval:def:6374 The host is installed with Microsoft SharePoint Server 2007 and is prone to spoofing vulnerability. A flaw is present in the application, which fails to properly validate specially crafted URLs. Successful exploitation allows attackers to redirect a user to an external URL. oval:org.secpod.oval:def:6372 The host is installed with Microsoft SharePoint Server 2007 or 2010 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly validate search scope permissions. Successful exploitation allows attackers to view or tamper with other users' sear ... oval:org.secpod.oval:def:2264 The host is installed with Microsoft Office SharePoint Server 2007 Service Pack 2 or Microsoft Office SharePoint Server 2010 or SP1 or Microsoft Windows SharePoint Services 3.0 Service Pack 2 or SharePoint Foundation 2010 or SP1 and is prone to information disclosure vulnerability. A flaw is presen ... oval:org.secpod.oval:def:2271 The host is missing an Important security update according to Microsoft security bulletin, MS11-074. The update is required to fix cross-site-scripting and information disclosure vulnerabilities. A flaw is present in the applications, which fails to properly validate inputs. Successful exploitation ... oval:org.secpod.oval:def:1201 The host is installed with Microsoft Internet Explorer and is prone information disclosure vulnerability. A flaw is present in the browser, which fails to handle a crafted Web page. Successful exploitation could allow remote attackers to execute arbitrary code or gain sensitive information. oval:org.secpod.oval:def:1559 The host is missing a critical security update according to Microsoft security bulletin, MS10-072. The update is required to fix information disclosure vulnerabilities. Multiple flaws are present in the SafeHTML, which fails to validate malicious HTML code. Successful exploitation could allow an att ... oval:org.mitre.oval:def:7275 Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vec ... oval:org.mitre.oval:def:7637 Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vec ... oval:org.secpod.oval:def:3246 The host is missing a critical security update according to Microsoft security bulletin, MS10-039. The update is required to fix privilege escalation vulnerabilities. Flaws are present in the Microsoft SharePoint server and Office InfoPath, which fails to validate specially crafted requests. Success ... oval:org.mitre.oval:def:6677 Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or H ... oval:org.secpod.oval:def:2583 The host is missing a critical security update according to Microsoft security bulletin, MS08-057. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application which fails to properly handle specially crafted Excel file. Successful exploitati ... oval:org.secpod.oval:def:2236 The host is missing a critical security update according to Microsoft security bulletin, MS10-017. The update is required to fix remote code execution vulnerabilities. Flaws are present in Microsoft Office Excel, which fails to parse a specially crafted Excel files. Successful exploitation could all ... oval:org.secpod.oval:def:8348 The host is installed with Microsoft XML Core Services 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, or Mic ... oval:org.secpod.oval:def:6200 The host is installed with Microsoft XML Core Services 3.0, 4.0, 5.0 or 6.0 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:8351 The host is installed with Microsoft XML Core Services 4.0, 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, M ... |
