(MS13-100)Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2904244)
Publish Date: 27 Dezember 2013
Schweregrad:: Hoch
CVE Kennungen:: CVE-2013-5059
Hinweisdatum: 27 Dezember 2013
Beschreibung
This security update resolves multiple privately reported vulnerabilities in Microsoft Office server software. These vulnerabilities could allow remote code execution if an authenticated attacker sends specially crafted page content to a SharePoint server. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site.
Lösungen
Betroffene Software und Version:
- Microsoft SharePoint Server 2013
- Microsoft SharePoint Server 2010 Service Pack 2
- Microsoft Office Web Apps 2013