CVE-2005-0049
Summary
| CVE | CVE-2005-0049 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-05-02 04:00:00 UTC |
| Updated | 2018-10-12 21:35:00 UTC |
| Description | Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Sharepoint Portal Server | 2003 | All | All | All |
| Application | Microsoft | Sharepoint Portal Server | 2003 | sp1 | All | All |
| Application | Microsoft | Sharepoint Portal Server | 2003 | All | All | All |
| Application | Microsoft | Sharepoint Portal Server | 2003 | sp1 | All | All |
| Application | Microsoft | Sharepoint Team Services | All | All | All | All |
| Application | Microsoft | Sharepoint Team Services | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| US-CERT Vulnerability Note VU#340409 | CERT-VN | www.kb.cert.org | Patch, US Government Resource |
| Microsoft Security Bulletin MS05-006 - Moderate | Microsoft Docs | MS | docs.microsoft.com | |
| US-CERT Technical Cyber Security Alert TA05-039A -- Multiple Vulnerabilities in Microsoft Windows Components | CERT | www.us-cert.gov | Patch, US Government Resource |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.