Microsoft SharePoint download feature information disclosure

sharepoint-download-info-disclosure (53955) The risk level is classified as LowLow Risk

Description:

Microsoft SharePoint could allow a remote attacker to obtain sensitive information, caused by improper validation of user-supplied input by the download.aspx script in the download functionality in Team Services. By sending a specially-crafted HTTP request, a remote attacker with Open Items or Add and Customize Pages permission could exploit this vulnerability using the SourceUrl or Source parameter to view the source code of arbitrary ASP.NET files from the backend database.


Consequences:

Obtain Information

Remedy:

No remedy available as of May 1, 2013.

References:

  • BugTraq Mailing List, Mon Oct 26 2009: SharePoint 2007 ASP.NET Source Code Disclosure.
  • Microsoft KB Article ID: 976829: Description of SharePoint Server 2007 ASPX page source code access.
  • Microsoft Office SharePoint Server Web site: Microsoft Office SharePoint Server.
  • BID-36817: Microsoft SharePoint Team Services Download Feature Source Code Information Disclosure Vulnerability
  • CVE-2009-3830: The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.
  • OSVDB ID: 59479: Microsoft Office SharePoint Server Team Services _layouts/download.aspx Multiple Parameter ASP.NET Source Disclosure

Platforms Affected:

  • Microsoft SharePoint Server 2007

Reported:

Oct 26, 2009

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page