CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-4032

Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obtain sensitive information, and "create scripts that would run in the context of the site" via requests to administrative URIs, aka "Access Control Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.648

EPSS Ranking 98.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/33063
http://www.securitytracker.com/id?1021367
http://www.us-cert.gov/cas/techalerts/TA08-344A.html
http://www.vupen.com/english/advisories/2008/3389
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-077
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5774
http://secunia.com/advisories/33063
http://www.securitytracker.com/id?1021367
http://www.us-cert.gov/cas/techalerts/TA08-344A.html
http://www.vupen.com/english/advisories/2008/3389
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-077
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5774

Products affected by CVE-2008-4032

Microsoft » Office Sharepoint Server » Version: 2007

cpe:2.3:a:microsoft:office_sharepoint_server:2007
Microsoft » Search Server » Version: 2008

cpe:2.3:a:microsoft:search_server:2008

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-4032

Products

Pricing

Contact Us