Remote code execution vulnerabilities in Microsoft Sharepoint| ID: oval:org.secpod.oval:def:18570 | Date: (C)2014-05-20 (M)2022-09-30 |
| Class: VULNERABILITY | Family: windows |
The host is installed with SharePoint Server 2013 Client Components SDK, Microsoft SharePoint Designer 2007 SP3, 2010 SP1, SP2, 2013, SP1, Microsoft Office Web Apps Server 2013, SP1, Microsoft Windows SharePoint Services 3.0 SP3, SharePoint Server 2007, 2010 SP1, SP2, 2013, Microsoft SharePoint Foundation 2013 , 2010 SP1, SP2, Microsoft Web Applications 2010 SP1, SP2, Microsoft Project Server 2013, SP1, Microsoft Project Server 2010, SP1 or SP2 and is prone to remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly sanitize the page content. Successful exploitation allows attackers to run arbitrary code.
| Platform: |
| Microsoft Windows 11 |
| Microsoft Windows Server 2022 |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2016 |
| Microsoft Windows 10 |
| Microsoft Windows 7 |
| Microsoft Windows 8 |
| Microsoft Windows Server 2003 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Vista |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows 8.1 |
| Microsoft Windows XP |
| Product: |
| Microsoft Office Web Apps 2010 |
| Microsoft SharePoint Foundation 2010 |
| Microsoft SharePoint Foundation 2013 |
| Microsoft SharePoint Server 2007 |
| Microsoft SharePoint Server 2010 |
| Microsoft SharePoint Server 2013 |
| Microsoft SharePoint Services 3.0 |
| Microsoft Office Web Apps Server 2013 |
| Microsoft Project Server 2013 |
| Microsoft Project Server 2010 |
| Microsoft SharePoint Designer 2007 |
| Microsoft SharePoint Designer 2013 |
| Microsoft SharePoint Designer 2010 |
| Microsoft SharePoint Server 2013 Client Components SDK |
| Microsoft Expression Web |
