Strix
26.1K

CVE-2011-1892

UnknownEPSS 38.33%

Last modified

CVE-2011-1892 is a vulnerability of currently unknown severity. Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability.". EPSS estimates a 38.33% chance of exploitation in the next 30 days.

Description

Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability."

Metrics

EPSS Probability
38.33%

98.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
MicrosoftForms Server2007Sp2
MicrosoftGroove2007Sp2
MicrosoftGroove Data Bridge Server2007Sp2
MicrosoftGroove Management Server2007Sp2
MicrosoftGroove Server2010
MicrosoftOffice Web Apps2010
MicrosoftSharepoint Foundation2010
MicrosoftSharepoint Server2007Sp2
MicrosoftSharepoint Server2010
MicrosoftSharepoint Services3.0Sp2
MicrosoftSharepoint Workspace2010

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2011-1892?
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability."
How severe is CVE-2011-1892?
Severity scoring for CVE-2011-1892 is pending analysis. The EPSS model estimates a 38.33% probability of exploitation in the next 30 days.
How do I fix CVE-2011-1892?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-1892?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST