Microsoft SharePoint Server Elevation of Privilege Vulnerabilities

Last Update Date: 15 Apr 2015 14:59 Release Date: 15 Apr 2015 3663 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Elevation of privilege vulnerabilities exist when SharePoint Server improperly sanitizes a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit these vulnerabilities by sending a specially crafted request to an affected SharePoint server. The attacker who successfully exploited these vulnerabilities could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the victim, such as change permissions and delete content, and inject malicious content in the victim’s browser.

Impact

  • Elevation of Privilege

System / Technologies affected

  • Microsoft SharePoint Server 2010
  • Microsoft SharePoint Server 2013

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Graphics Component Remote Code Execution Vulnerability

15 Apr 2015 3755 Views

Next

Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability

15 Apr 2015 3730 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY