Lucene search
MicrosoftMS:CVE-2020-0932HistoryApr 14, 2020 - 7:00 a.m.
Microsoft SharePoint Remote Code Execution Vulnerability
2020-04-1407:00:00
Microsoft
msrc.microsoft.com
43
0.017 Low
EPSS
Percentile
87.8%
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.
The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.
Related
zdi
zdi
checkpoint_advisories
checkpoint_advisories
Microsoft SharePoint Remote Code Execution (CVE-2020-0932)
2020-05-10 00:00:00
prion
prion
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
cve
cve
qualysblog
qualysblog
mskb
mskb
threatpost
threatpost
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
2020-04-14 19:45:49
nessus
nessus
Security Updates for Microsoft SharePoint Server (April 2020)
2020-04-16 00:00:00
kaspersky
kaspersky
KLA11745 Multiple vulnerabilities in Microsoft Office
2020-04-14 00:00:00
avleonov
avleonov