[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft SharePoint Remote Code Execution Vulnerability - CVE-2019-1257

ID: oval:org.secpod.oval:def:58431Date: (C)2019-09-11   (M)2021-09-12
Class: VULNERABILITYFamily: windows




A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint. The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.

Platform:
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows 10
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows XP
Product:
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2016
Reference:
CVE-2019-1257
CVE    1
CVE-2019-1257
CPE    5
cpe:/a:microsoft:sharepoint_foundation:2013
cpe:/a:microsoft:sharepoint_foundation:2010
cpe:/a:microsoft:sharepoint_foundation:2010:sp2
cpe:/a:microsoft:sharepoint_server:2016
...

© SecPod Technologies