CVE-2010-1264

Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint Help Page Denial of Service Vulnerability."

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/40559
http://www.us-cert.gov/cas/techalerts/TA10-159B.html	US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7241

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x32:::::*
	cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x64:::::*
	cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x32:::::*
	cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x64:::::*

History

No history.

Information

Published : 2010-06-08 20:30

Updated : 2024-02-04 17:54

NVD link : CVE-2010-1264

Mitre link : CVE-2010-1264

CVE.ORG link : CVE-2010-1264

JSON object : View

Products Affected

microsoft

sharepoint_services

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-1264", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-06-08T20:30:02.460", "references": [{"url": "http://www.securityfocus.com/bid/40559", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-039", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7241", "source": "secure@microsoft.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka \"Sharepoint Help Page Denial of Service Vulnerability.\""}, {"lang": "es", "value": "Vulnerabilidad no especificada en Microsoft Windows SharePoint Services 3.0 SP1 y SP2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue) mediante peticiones manipuladas a la p\u00e1gina Help que causan reinicios repetidos de la aplicaci\u00f3n, tambi\u00e9n conocida como \"Sharepoint Help Page Denial of Service Vulnerability.\""}], "lastModified": "2018-10-12T21:57:37.497", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x32:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC40A747-CEBB-4F49-A4CF-A2F31890F39E"}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71AFF167-D300-44A8-8735-E1A0AC8CF9EA"}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x32:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF40F903-0026-4673-89A3-6F889D877E2F"}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "376C9A84-74B1-4717-B88E-153ADD7D686D"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}