What is CVE-2011-1892?

CVE-2011-1892 is a vulnerability in Microsoft Forms_server, classified under Information Disclosure. Published 2011-09-15.

Is CVE-2011-1892 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Microsoft Forms_server

CVE-2011-1892

Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove…

Vulnerability class: Information Disclosure

EPSS: 0.651 (98.5th percentile) — read the EPSS interpretation.

Affected products

Microsoft Forms_server — versions 2007
Microsoft Groove — versions 2007
Microsoft Groove_data_bridge_server — versions 2007
Microsoft Groove_management_server — versions 2007
Microsoft Groove_server — versions 2010
Microsoft Office_web_apps — versions 2010
Microsoft Sharepoint_foundation — versions 2010
Microsoft Sharepoint_server — versions 2007, 2010
Microsoft Sharepoint_services — versions 3.0
Microsoft Sharepoint_workspace — versions 2010

Weakness classification (CWE)

CWE-200 — Information Disclosure

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

MS11-074 (x_refsource_MS, vendor-advisory)
8386 (x_refsource_SREASON, third-party-advisory)
TA11-256A (US Government Resource, x_refsource_CERT, third-party-advisory)
oval:org.mitre.oval:def:12907 (x_refsource_OVAL, signature, vdb-entry)

Frequently asked questions

What is CVE-2011-1892?: CVE-2011-1892 is a vulnerability in Microsoft Forms_server, classified under Information Disclosure. Published 2011-09-15.
Is CVE-2011-1892 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.