CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS13-030 | Vulnerability in SharePoint Could Allow Information Disclosure (2827663) | Microsoft SharePoint | Important | 10-04-2013 |
Technical Information
Brief overview of the risk:
The vulnerability could allow information disclosure if an attacker determined the address or location of a specific SharePoint list and gained access to the SharePoint site where the list is maintained. The attacker would need to be able to satisfy the SharePoint site’s authentication requests to exploit this vulnerability.
Detailed Information on the risk:
An information disclosure vulnerability exists in the way that SharePoint Server enforces access controls on specific SharePoint Lists.
Further information on this exploit is available at : MS13-030