Vigil@nce - Microsoft Office 2013: obtaining the SharePoint token
December 2013 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to open an Office document on a
remote server, in order to obtain the authentication token for a
SharePoint server.
Impacted products: Office, Access, Excel, InfoPath, OneNote,
Outlook, PowerPoint, Project, Publisher, Visio, Word
Severity: 2/4
Creation date: 11/12/2013
DESCRIPTION OF THE VULNERABILITY
An Office program can open a document located on a remote server.
The remote server can require authentication. However, the
server can deceive Office into sending authentication data that
is intended for another SharePoint server.
An attacker can therefore invite the victim to open an Office
document on a remote server, in order to obtain the authentication
token for a SharePoint server.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Microsoft-Office-2013-obtaining-the-SharePoint-token-13934