This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The version of SharePoint running on the remote host has multiple
The versions of Microsoft SharePoint Server 2010 and SharePoint
Foundation 2010 have the following vulnerabilities :
- A callback function vulnerability exists that could
allow an attacker to read data or perform other
unauthorized actions. (CVE-2013-0080)
- A cross-site scripting vulnerability exists.
- A directory traversal vulnerability exists that could
allow an attacker to read arbitrary files.
- A buffer overflow exists that could result in a denial
of service. Code execution is reportedly not possible.
See also :
Microsoft has released a set of patches for SharePoint Server 2010 and
SharePoint Foundations 2010.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.6
Public Exploit Available : true