Microsoft SharePoint vulnerabilities could allow escalation of privilege
Report ID: MS201207008
Date Published: 16 July 2012
Compromise Type: information-disclosure cross-site-scripting
Compromise From: remote
Microsoft InfoPath 2007
Microsoft InfoPath 2010
Microsoft Office SharePoint Server 2007
Microsoft Groove Server 2010
Microsoft Windows SharePoint Services 3.0
Microsoft SharePoint Foundation 2010
Microsoft Office Web Apps 2010
Six vulnerabilities identified in Microsoft SharePoint and Windows SharePoint Services could lead to information disclosure and cross-site scripting attack.
All of the identified issues have been resolved by making necessary corrections and modifications. Users are recommended to install the latest update onto their system as a protection measure against potential exploit attempts.
CVE-2012-1858, CVE-2012-1859, CVE-2012-1860, CVE-2012-1861, CVE-2012-1862, CVE-2012-1863
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-050)