MS12-011 MS12-011 - Important : Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841) - Version: 1.0
Version2012-02-14
Severity Rating: Important
Revision Note: V1.0 (February 14, 2012): Bulletin published.
Summary: This security update resolves three privately reported vulnerabilities in Microsoft SharePoint and Microsoft SharePoint Foundation. These vulnerabilities could allow elevation of privilege or information disclosure if a user clicked a specially crafted URL.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in inplview.aspx Vulnerability."
Max CVSS
4.3
EPSS Score
96.43%
Published
2012-02-14
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in themeweb.aspx Vulnerability."
Max CVSS
4.3
EPSS Score
96.43%
Published
2012-02-14
Updated
2018-10-12
Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in wizardlist.aspx Vulnerability."
Max CVSS
4.3
EPSS Score
96.43%
Published
2012-02-14
Updated
2018-10-12