A Vulnerability Exists in the CDO Protocol Handler Component of SharePoint Portal Server (321026)
The information in this article applies to:
- Microsoft SharePoint Portal Server 2001 SP1
This article was previously published under Q321026 SYMPTOMSA vulnerability exists in the Collaboration Data Objects (CD0) protocol handler component of SharePoint Portal Server. When this vulnerability exists, a malicious user can address arbitrary Uniform Resource Locators (URLs). Because the protocol is addressable from Microsoft Internet Explorer, the possibility exists where a malicious user can use a specially formatted Web page to run malicious code on your computer.
RESOLUTION To
resolve this problem, obtain the latest service pack for Microsoft SharePoint
Portal Server 2001. For additional information, click the following article
number to view the article in the Microsoft Knowledge Base: 312963 How to Obtain the Latest SharePoint Portal Server 2001 Service Pack
The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name
---------------------------------------------------------
19-Jul-2002 13:29 10.145.4629.13 860,160 Pkmcdo.dll Because of file dependencies, this update requires Microsoft
SharePoint Portal Server 2001 Service Pack 1. STATUS Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft SharePoint Portal Server 2001 Service Pack 2.
| Modification Type: | Major | Last Reviewed: | 4/7/2006 |
|---|
| Keywords: | kbQFE KBHotfixServer kbSharePtPortalSvr2001SP2fix kbbug kbfix kbSharePtPortalSvr2001preSP2fix KB321026 |
|---|
|