=====================================================================
                                  CERT-Renater

                       Note d'Information No. 2005/VULN066
_____________________________________________________________________

DATE                      : 09/02/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Windows SharePoint Services,
                                    SharePoint Team Services.

======================================================================

MS05-006
Title:  Vulnerability in Windows SharePoint Services and SharePoint
Team Services Could Allow Cross-Site Scripting and Spoofing Attacks
(887981)

Affected Software:
  - Windows SharePoint Services
  - SharePoint Team Services from Microsoft

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating:  Moderate

Restart required: This update does not require a restart. The
installer stops the required services, applies the update, and then
restarts the services. However, if the required services cannot be
stopped for any reason, or if required files are being used, this
update will require a restart. If this behavior occurs, a message
appears that advises you to restart."

Update can be uninstalled: No

More information on this vulnerability is available at:
http://www.microsoft.com/technet/security/bulletin/MS05-006.mspx

======================================================================

         =========================================================
         Les serveurs de référence du CERT-Renater
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================