Check Point Protects Networks From Multiple Vulnerabilities in Microsoft SharePoint
( Microsoft Security Bulletin MS11-074, CVE-2011-0653, CVE-2011-1890, CVE-2011-1893, CVE-2011-1891, CVE-2011-1892 )
Summary
Five vulnerabilities in Microsoft SharePoint have been disclosed, the most serious of which can allow an attacker to gain elevated privileges on a targeted SharePoint server. Check Point's IPS Software Blade and NGX SmartDefense provides network-level protection against these issues.
Details
Four of these issues are cross-site scripting vulnerabilities that can allow an attacker to execute commands on a targeted SharePoint server in the security context of the authenticated user that was exploited. The remaining issue is an information disclosure vulnerability where a malicious authenticated user can gain read-only access to files on a SharePoint server that are not normally accessible by her.
Solution
Check Point's IPS Software Blade and NGX SmartDefense have provided preemptive network protection since June 2003 for the four XSS vulnerabilities. Protection against the the information disclosure issue is available via the latest IPS update. For details about the Microsoft products that are affected, as well as more information, see CPAI-2011-403 and CPAI-2011-404.
Originally Published:
Last Updated: 13-Sep-2011