Microsoft Office, Microsoft SharePoint

ソフト名：Microsoft Office Forms Server 2007/Groove 2007/SharePoint Server 2007/Groove 2010, Microsoft Office Web Apps, Microsoft SharePoint Foundation 2010/Server 2010, Microsoft Windows SharePoint Services 3.x

回避策：MS11-074 (KB2493987, KB2494001, KB2494022, KB2508964, KB2508965, KB2552998, KB2552999, KB2553001, KB2553002, KB2553003, KB2553005, KB2560885, KB2566449, KB2566450, KB2566456, KB2566954, KB2566958, KB2566960)にて対応

脆弱性：機密情報の奪取, ファイル内容の曝露

ソース：

http://www.microsoft.com/middleeast/office/preview/servers/formsserver/overview.mspx

http://office.microsoft.com/en-us/sharepoint-workspace-help/

http://office.microsoft.com/en-us/sharepoint-help/

http://office.microsoft.com/en-us/web-apps/

http://sharepoint.microsoft.com/en-us/product/Related-Technologies/Pages/SharePoint-Foundation.aspx

http://sharepoint.microsoft.com/ja-jp/Pages/default.aspx

http://office.microsoft.com/en-us/windows-sharepoint-services-help/

http://technet.microsoft.com/en-us/security/bulletin/ms11-074

http://secunia.com/advisories/46008/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1892

CVE：CVE-2011-1892

危険性：Medium Risk

Microsoft Excel, Microsoft Office

ソフト名：Microsoft Excel 2003/2007/Viewer 2007/2010, Microsoft Office 2003 Professional Edition/2003 Small Business Edition/2003 Standard Edition/2003 Student and Teacher Edition/2004 for Mac/2007/Office SharePoint Server 2007/2008 for Mac/2010/Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats/Office for Mac 2011/Office Web Apps, Microsoft Open XML File Format Converter for Mac, Microsoft SharePoint Server 2010

回避策：MS11-072 (KB2553070, KB2553072, KB2553073, KB2553074, KB2553075, KB2553095, KB2553096, KB2553089, KB2553090, KB2553091, KB2553093, KB2553094, KB2587505, KB2598781, KB2598782, KB2598783, KB2598785)にて対応

脆弱性：システムアクセス, 解放後使用エラー, 配列インデックスエラー, メモリ破壊, 不正Excelファイル, リモートコード実行

ソース：

http://office.microsoft.com/en-us/

http://office.microsoft.com/en-us/excel/

http://office.microsoft.com/en-us/suites/microsoft-office-2010-suites-FX101825188.aspx

http://www.macoffice2008.com/

http://office.microsoft.com/en-us/support/microsoft-office-compatibility-pack-for-word-excel-and-powerpoint-HA010168676.aspx

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=10

http://www.microsoft.com/mac/products

http://office.microsoft.com/en-us/sharepoint-help/

http://office.microsoft.com/en-us/web-apps/

http://www.microsoft.com/mac/downloads

http://sharepoint.microsoft.com/ja-jp/Pages/default.aspx

http://technet.microsoft.com/en-us/security/bulletin/ms11-072

http://secunia.com/advisories/45932/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1986

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1987

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1988

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1989

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1990

CVE：CVE-2011-1986, CVE-2011-1987, CVE-2011-1988, CVE-2011-1989, CVE-2011-1990

危険性：High Risk

Microsoft SharePoint

ソフト名：Microsoft SharePoint Server 2007 SP2, SP1, SharePoint Services 3.0 SP2, SP1
回避策：未対応（983438）
脆弱性：XSS
ソース：http://www.microsoft.com/technet/security/advisory/983438.mspx
http://www.exploit-db.com/exploits/12450
http://www.securityfocus.com/bid/39776
http://secunia.com/advisories/39603
http://www.frsirt.com/english/advisories/2010/1041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0817
CVE：CVE-2010-0817
危険性：Medium Risk

Microsoft SharePoint Server

ソフト名：Microsoft SharePoint Server 2007～SP2
回避策：アップデートにて対応
脆弱性：XSS
ソース：http://archives.neohapsis.com/archives/bugtraq/2010-02/0199.html
http://sharepoint.microsoft.com/Pages/Default.aspx
CVE：CVE-2010-0716
危険性：Medium Risk