{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P>Microsoft SharePoint Portal Server 2001.</P>","content":"## Description\n\nMicrosoft SharePoint Portal Server 2001 permet la cr\u00e9ation de portail\nd'entreprise. Plusieurs sites peuvent \u00eatre connect\u00e9s au sein d'un m\u00eame\nportail.\n\nDes vuln\u00e9rabilit\u00e9s de type \"Cross Site Scripting\" permettent en\nutilisant Microsoft SharePoint Portal Server 2001 comme rebond\nd'ex\u00e9cuter des scripts malicieux sur une machine cible.\n\nDe plus il est possible par ce m\u00eame type d'attaque de voler les cookies\ndes utilisateurs visitant ces sites.\n\n## Solution\n\nT\u00e9l\u00e9charger le Service Pack3 qui corrige ces vuln\u00e9rabilit\u00e9s (cf. Section\nDocumentation).\n","cves":[],"links":[{"title":"Avis de s\u00e9curit\u00e9 de Microsoft KB837017 :","url":"http://www.microsoft.com/downloads/details.aspx?FamilyId=15677A92-3470-465F-9F63-E621094103E0"}],"reference":"CERTA-2004-AVI-120","revisions":[{"description":"version initiale.","revision_date":"2004-04-08T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de scripts"},{"description":"Vol de cookies"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft SharePoint\nPortal Server 2001.\n","title":"Vuln\u00e9rabilit\u00e9s dans Microsoft SharePoint Portal Server 2001","vendor_advisories":[{"published_at":null,"title":"Avis de s\u00e9curit\u00e9 Microsoft KB837017","url":null}]}