CVE-2008-4032

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint Server 2007 Microsoft Office SharePoint Server 2007 Service Pack 1

Description The issue concerns improper authentication and authorization for administrative functions. This could allow remote attackers to cause a denial of service, obtain sensitive information, or create scripts that run in the context of the site by making requests to administrative URIs. An elevation of privilege is possible if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site, potentially resulting in denial of service or information disclosure.

Recommendations For Microsoft Office SharePoint Server 2007, update to a version that properly performs authentication and authorization for administrative functions. For Microsoft Office SharePoint Server 2007 Service Pack 1, apply the necessary patches or updates to address the elevation of privilege vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.