18 matches found
April 11, 2023, cumulative update for SharePoint Enterprise Server 2013 (KB5002381)
April 11, 2023, cumulative update for SharePoint Enterprise Server 2013 KB5002381 Cumulative update packages for Microsoft SharePoint Enterprise Server 2013 contain hotfixes for the issues that were fixed since the release of SharePoint Enterprise Server 2013. Note: This is build 15.0.5545.1000 o...
March 14, 2023, cumulative update for SharePoint Enterprise Server 2013 (KB5002366)
March 14, 2023, cumulative update for SharePoint Enterprise Server 2013 KB5002366 Cumulative update packages for Microsoft SharePoint Enterprise Server 2013 contain hotfixes for the issues that were fixed since the release of SharePoint Enterprise Server 2013. Note: This is build 15.0.5537.1000 o...
Security Updates for Microsoft SharePoint Server 2013 (March 2023)
The Microsoft SharePoint Foundation 2013 installation on the remote host is missing security updates. It is, therefore, affected by a Sharepoint server spoofing vulnerability. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid172534;...
Security Updates for Microsoft SharePoint Server 2013 (September 2021)
The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by multiple Server Spoofing Vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
Security Updates for Microsoft SharePoint Server 2013 (January 2021)
The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2021-1641,...
Security Updates for Microsoft SharePoint Server 2013 (November 2020)
The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An Information Disclosure Vulnerability exists in Microsoft SharePoint. CVE-2020-16979, CVE-2020-17017 - A Spoofing Vulnerability exists in...
Security Updates for Microsoft SharePoint Server 2013 (October 2020)
The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who...
Microsoft SharePoint Server 2013 build < 15.0.5163.1000 Multiple Vulnerabilities
According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. - A remote code execution vulnerabilit...
MS15-022: Description of the security update for Office Web Apps Server 2013: March 10, 2015
Resolves vulnerabilities in Office Web Apps Server 2013 that could allow remote code execution if an authenticated attacker sends specially crafted page content to a targeted computer that is running SharePoint Server.IntroductionThis update resolves vulnerabilities in Microsoft Office Web Apps...
Description of the security update for SharePoint Server 2013: May 9, 2017
Description of the security update for SharePoint Server 2013: May 9, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...
Description of the security update for SharePoint Enterprise Server 2013: April 10, 2018
Description of the security update for SharePoint Enterprise Server 2013: April 10, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
MS14-001: Description of the security update for Word Automation Services in Microsoft SharePoint Server 2013: January 14, 2014
MS14-001: Description of the security update for Word Automation Services in Microsoft SharePoint Server 2013: January 14, 2014 INTRODUCTION Microsoft has released security bulletin MS14-001. To view the complete security bulletin, visit one of the following Microsoft websites: Home...
MS14-017: Description of the security update for Word Automation Services in Microsoft SharePoint Server 2013: April 8, 2014
MS14-017: Description of the security update for Word Automation Services in Microsoft SharePoint Server 2013: April 8, 2014 View products that this article applies to. Introduction This update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a specially...
Cross site scripting
Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security Feature Bypass...
CVE-2014-2816
CVE-2014-2816 affects Microsoft SharePoint Server 2013 (Gold/SP1) and SharePoint Foundation 2013 (Gold/SP1). The vulnerability allows remote authenticated users to gain privileges via a Trojan horse app that runs a custom action in the SharePoint extensibility model (SharePoint Page Content Vulne...
CVE-2013-3179
Cross-site scripting XSS vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."...
CVE-2013-1290
Microsoft SharePoint Server 2013, in certain configurations involving legacy My Sites, does not properly establish default access controls for a SharePoint list, which allows remote authenticated users to bypass intended restrictions on reading list items via a direct request for a list's locatio...
Security update 1970-01-01
...