The remote host is affected by multiple privilege escalation and
information disclosure vulnerabilities.
The version of SharePoint Services, SharePoint Server, Groove, or
Office Web Apps installed on the remote host has multiple privilege
escalation and information disclosure vulnerabilities.
A remote attacker could exploit them by tricking a user into making a
malicious request, resulting in arbitrary script code execution.
See also :
Microsoft has released a set of patches for SharePoint Server 2007,
SharePoint Server 2010, SharePoint Workspace 2010, SharePoint
Foundation 2010, Office Groove 2007, Office Forms Server 2007, Office
Groove Server 2007, Office Groove Data Bridge Server 2007, Office
Groove Management Server 2007, Groove Server 2010, Windows SharePoint
Services 2.0, Windows SharePoint Services 3.0, Office Web Apps 2010,
and Word Web App 2010.
Risk factor :
Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 4.8
Public Exploit Available : true