Kaspersky LabKLA10582KLA10582 Code execution vulnerability in Microsoft Sharepoint Server
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.048 Low
EPSS
Percentile
92.7%
An unspecified vulnerability was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed page content.
Original advisories
Related products
CVE list
CVE-2015-1700 high
KB list
Solution
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Affected Products
- SharePoint Server 2007 x86, x64 Service Pack 3SharePoint Foundation 2010 Service Pack 2SharePoint Server 2010 Service Pack 2SharePoint Foundation 2013 Service Pack 1
References
support.microsoft.com/kb/2760412
support.microsoft.com/kb/2956192
support.microsoft.com/kb/3017815
support.microsoft.com/kb/3054792
support.microsoft.com/kb/3058083
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-1700
statistics.securelist.com/
technet.microsoft.com/en-us/library/security/ms15-047
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/
Related
6 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.048 Low
EPSS
Percentile
92.7%