{"id":618,"date":"2011-09-17T08:12:28","date_gmt":"2011-09-17T00:12:28","guid":{"rendered":"http:\/\/down.cdhaha.net\/?p=618"},"modified":"2011-09-17T20:54:38","modified_gmt":"2011-09-17T12:54:38","slug":"ms11-074-vulnerabilities-in-microsoft-sharepoint-could-allow-elevation-of-privilege-2451858","status":"publish","type":"post","link":"http:\/\/down.cdhaha.net\/?p=618","title":{"rendered":"MS11-074 Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)"},"content":{"rendered":"<p><img decoding=\"async\" src=\"wp-content\/uploads\/2009\/12\/sharepoint.gif\" alt=\"SharePoint\" title=\"SharePoint\" class=\"alignleft\" \/>\u6b64\u5b89\u5168\u66f4\u65b0\u53ef\u89e3\u51b3 Microsoft SharePoint \u548c Windows SharePoint Services \u4e2d\u4e00\u4e2a\u516c\u5f00\u62ab\u9732\u7684\u6f0f\u6d1e\u548c\u4e94\u4e2a\u79d8\u5bc6\u62a5\u544a\u7684\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u5355\u51fb\u7279\u5236\u7684 URL \u6216\u8bbf\u95ee\u7279\u5236\u7f51\u7ad9\uff0c\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u7279\u6743\u63d0\u5347\u3002\u5bf9\u4e8e\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\uff0c\u6d4f\u89c8\u5230 Internet \u533a\u57df\u4e2d\u7684 SharePoint \u7ad9\u70b9\u7684 Internet Explorer 8 \u548c Internet Explorer 9 \u7528\u6237\u53d7\u5230\u7684\u5a01\u80c1\u8f83\u5c0f\uff0c\u56e0\u4e3a\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0cInternet Explorer 8 \u548c Internet Explorer 9 \u4e2d\u7684 XSS \u7b5b\u9009\u5668\u6709\u52a9\u4e8e\u963b\u6b62 Internet \u533a\u57df\u4e2d\u7684\u653b\u51fb\u3002\u4f46\u662f\uff0c\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0cInternet Explorer 8 \u548c Internet Explorer 9 \u4e2d\u7684 XSS \u7b5b\u9009\u5668\u5728 Intranet \u533a\u57df\u4e2d\u672a\u542f\u7528\u3002<\/p>\n<p>\u5bf9\u4e8e <strong>Microsoft Office Groove 2007\u3001Microsoft SharePoint Workspace 2010\u3001Microsoft Office Forms Server 2007\u3001Microsoft Office SharePoint Server 2007\u3001Microsoft Office SharePoint Server 2010\u3001Microsoft Office Groove Data Bridge Server 2007\u3001Microsoft Office Groove Management Server 2007\u3001Microsoft Groove Server 2010\u3001Microsoft SharePoint Services 2.0\u3001Microsoft SharePoint Services 3.0\u3001Microsoft SharePoint Foundation 2010\u3001Microsoft Office Web Apps 2010 \u548c Microsoft Word Web App 2010<\/strong>\uff0c\u6b64\u5b89\u5168\u66f4\u65b0\u7684\u7b49\u7ea7\u4e3a\u201c\u91cd\u8981\u201d\u3002\u8be5\u5b89\u5168\u66f4\u65b0\u901a\u8fc7\u4fee\u6539 Microsoft SharePoint \u9a8c\u8bc1\u548c\u6e05\u7406\u7528\u6237\u8f93\u5165\u3001\u5206\u6790\u6076\u610f\u7684 XML \u548c XSL \u6587\u4ef6\u4ee5\u53ca\u5904\u7406\u7279\u5b9a\u8bf7\u6c42\u53c2\u6570\u4e2d\u5305\u542b\u7684\u811a\u672c\u7684\u65b9\u5f0f\u6765\u89e3\u51b3\u6f0f\u6d1e\u3002<br \/>\n<!--more--><br \/>\n\u5efa\u8bae\u3002 \u5ba2\u6237\u53ef\u4ee5\u914d\u7f6e\u81ea\u52a8\u66f4\u65b0\uff0c\u4ee5\u4f7f\u7528 Microsoft Update \u670d\u52a1\u4ece Microsoft Update \u8054\u673a\u68c0\u67e5\u66f4\u65b0\u3002\u542f\u7528\u4e86\u81ea\u52a8\u66f4\u65b0\u4e14\u914d\u7f6e\u4e3a\u4ece Microsoft Update \u8054\u673a\u68c0\u67e5\u66f4\u65b0\u7684\u5ba2\u6237\u901a\u5e38\u4e0d\u9700\u8981\u6267\u884c\u4efb\u4f55\u64cd\u4f5c\uff0c\u56e0\u4e3a\u6b64\u5b89\u5168\u66f4\u65b0\u5c06\u81ea\u52a8\u4e0b\u8f7d\u548c\u5b89\u88c5\u3002\u5c1a\u672a\u542f\u7528\u81ea\u52a8\u66f4\u65b0\u7684\u5ba2\u6237\u9700\u8981\u4ece Microsoft Update \u68c0\u67e5\u66f4\u65b0\uff0c\u5e76\u624b\u52a8\u5b89\u88c5\u6b64\u66f4\u65b0\u3002\u6709\u5173 Windows XP \u548c Windows Server 2003 \u53d7\u652f\u6301\u7248\u672c\u4e2d\u81ea\u52a8\u66f4\u65b0\u4e2d\u7684\u7279\u5b9a\u914d\u7f6e\u9009\u9879\u7684\u4fe1\u606f\uff0c\u8bf7\u53c2\u9605 Microsoft \u77e5\u8bc6\u5e93\u6587\u7ae0 294871\u3002\u6709\u5173 Windows Vista\u3001Windows Server 2008\u3001Windows 7 \u548c Windows Server 2008 R2 \u7684\u53d7\u652f\u6301\u7248\u672c\u4e2d\u81ea\u52a8\u66f4\u65b0\u7684\u4fe1\u606f\uff0c\u8bf7\u53c2\u9605\u4e86\u89e3 Windows \u81ea\u52a8\u66f4\u65b0\u3002<\/p>\n<p>\u5bf9\u4e8e\u7ba1\u7406\u5458\u3001\u4f01\u4e1a\u5b89\u88c5\u6216\u8005\u60f3\u8981\u624b\u52a8\u5b89\u88c5\u6b64\u5b89\u5168\u66f4\u65b0\u7684\u6700\u7ec8\u7528\u6237\uff0cMicrosoft \u5efa\u8bae\u5ba2\u6237\u4f7f\u7528\u66f4\u65b0\u7ba1\u7406\u8f6f\u4ef6\u5c3d\u65e9\u5e94\u7528\u6b64\u66f4\u65b0\u6216\u8005\u5229\u7528 Microsoft Update \u670d\u52a1\u68c0\u67e5\u66f4\u65b0\u3002<\/p>\n<p>\u53e6\u8bf7\u53c2\u9605\u672c\u516c\u544a\u540e\u9762\u90e8\u5206\u4e2d\u7684\u201c\u68c0\u6d4b\u548c\u90e8\u7f72\u5de5\u5177\u53ca\u6307\u5bfc\u201d\u4e00\u8282\u3002<\/p>\n<p>\u5df2\u77e5\u95ee\u9898\u3002 Microsoft \u77e5\u8bc6\u5e93\u6587\u7ae0 2451858 \u4ecb\u7ecd\u4e86\u5ba2\u6237\u5728\u5b89\u88c5\u6b64\u5b89\u5168\u66f4\u65b0\u65f6\u53ef\u80fd\u9047\u5230\u7684\u5f53\u524d\u5df2\u77e5\u95ee\u9898\u3002\u672c\u6587\u8fd8\u4ecb\u7ecd\u4e86\u8fd9\u4e9b\u95ee\u9898\u7684\u5efa\u8bae\u89e3\u51b3\u529e\u6cd5\u3002\u5728\u5f53\u524d\u5df2\u77e5\u95ee\u9898\u548c\u5efa\u8bae\u89e3\u51b3\u529e\u6cd5\u4ec5\u9002\u7528\u4e8e\u6b64\u8f6f\u4ef6\u7684\u7279\u5b9a\u7248\u672c\u65f6\uff0c\u6b64\u6587\u7ae0\u8fd8\u63d0\u4f9b\u5176\u4ed6\u6587\u7ae0\u7684\u94fe\u63a5\u3002<\/p>\n<p><strong>English Version<\/strong><br \/>\n<a href=\"http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS11-074.mspx\" target=\"_blank\">http:\/\/www.microsoft.com\/technet\/security\/bulletin\/MS11-074.mspx<\/a><\/p>\n<p><strong>\u7b80\u4f53\u4e2d\u6587\u7248<\/strong><br \/>\n<a href=\"http:\/\/www.microsoft.com\/china\/technet\/security\/bulletin\/MS11-074.mspx\" target=\"_blank\">http:\/\/www.microsoft.com\/china\/technet\/security\/bulletin\/MS11-074.mspx<\/a><\/p>\n<p>&nbsp;<\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>\u6b64\u5b89\u5168\u66f4\u65b0\u53ef\u89e3\u51b3 Microsoft SharePoint \u548c Windows SharePoint Services \u4e2d\u4e00\u4e2a\u516c\u5f00\u62ab\u9732\u7684\u6f0f\u6d1e\u548c\u4e94\u4e2a\u79d8\u5bc6\u62a5\u544a\u7684\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u5355\u51fb\u7279\u5236\u7684 URL \u6216\u8bbf\u95ee\u7279\u5236\u7f51\u7ad9\uff0c\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u7279\u6743\u63d0\u5347\u3002\u5bf9\u4e8e\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\uff0c\u6d4f\u89c8\u5230 Internet \u533a\u57df\u4e2d\u7684 SharePoint \u7ad9\u70b9\u7684 Internet Explorer 8 \u548c Internet Explorer&#8230;<!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[792],"tags":[275],"_links":{"self":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts\/618"}],"collection":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=618"}],"version-history":[{"count":0,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts\/618\/revisions"}],"wp:attachment":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=618"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=618"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=618"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}