Remote code execution vulnerability in Microsoft Sharepoint in the security context of the W3WP service accountID: oval:org.secpod.oval:def:24275 | Date: (C)2015-05-13 (M)2021-09-11 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Sharepoint Server 2007, 2010, Sharepoint Foundation 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle specially crafted page content. Successful exploitation could allow attackers to execute arbitrary code in the security context of the W3WP service account.
Platform: |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 7 |
Microsoft Windows 8 |
Product: |
Microsoft SharePoint Server 2007 |
Microsoft SharePoint Server 2010 |
Microsoft SharePoint Foundation 2010 |
Microsoft SharePoint Foundation 2013 |