(MS13-024) Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)

  Severity: CRITICAL
  CVE Identifier: CVE-2013-0080,CVE-2013-0083,CVE-2013-0084,CVE-2013-0085
  Advisory Date: MAR 21, 2013

  DESCRIPTION

This patch addresses vulnerabilities found in Microsoft SharePoint and Microsoft SharePoint Foundation. When exploited via a malicious URL pointing to a SharePoint site, it can allow elevation of privilege. Affected software include Microsoft SharePoint Server 2010 Service Pack 1 and Microsoft SharePoint Foundation 2010 Service Pack 1.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft SharePoint Server 2010 Service Pack 1
  • Microsoft SharePoint Foundation 2010 Service Pack 1