Unrated severityNVD Advisory· Published Oct 30, 2009· Updated Apr 23, 2026

CVE-2009-3830

Description

The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.

Affected products

Microsoft/Sharepoint Server
cpe:2.3:a:microsoft:sharepoint_server:2007:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/36817nvdExploit
support.microsoft.com/kb/976829nvdVendor Advisory
www.securityfocus.com/archive/1/507419/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/53955nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.051
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000