Microsoft KB Archive/321026

= A Vulnerability Exists in the CDO Protocol Handler Component of SharePoint Portal Server =

Article ID: 321026

Article Last Modified on 11/24/2006

-

APPLIES TO


 * Microsoft SharePoint Portal Server 2001 Service Pack 1

-



This article was previously published under Q321026





SYMPTOMS
A vulnerability exists in the Collaboration Data Objects (CD0) protocol handler component of SharePoint Portal Server. When this vulnerability exists, a malicious user can address arbitrary Uniform Resource Locators (URLs). Because the protocol is addressable from Microsoft Internet Explorer, the possibility exists where a malicious user can use a specially formatted Web page to run malicious code on your computer.



RESOLUTION
To resolve this problem, obtain the latest service pack for Microsoft SharePoint Portal Server 2001. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

312963 How to Obtain the Latest SharePoint Portal Server 2001 Service Pack

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

  Date         Time   Version           Size     File name -  19-Jul-2002  13:29  10.145.4629.13    860,160  Pkmcdo.dll

Note Because of file dependencies, this update requires Microsoft SharePoint Portal Server 2001 Service Pack 1.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft SharePoint Portal Server 2001 Service Pack 2.

Additional query words: sps

Keywords: kbqfe kbhotfixserver kbshareptportalsvr2001sp2fix kbbug kbfix kbshareptportalsvr2001presp2fix KB321026

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.