(MS15-036) Vulnerabilities in Microsoft SharePoint Server Could Allow Elevation of Privilege (3052044)
Severity: HIGH
Advisory Date: APR 22, 2015
DESCRIPTION
This security update addresses vulnerabilities found existing in Microsoft Office server and productivity software, which could allow elevation of privilege. An attacker can successfully exploit these vulnerabilities via sending a specially crafted request to an affected SharePoint server. As such, an attacker can read content or take actions on the SharePoint site without the user’s knowledge.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft SharePoint Server 2013 Service Pack 1
- Microsoft SharePoint Server 2010 Service Pack 2