MS.Sharepoint.Remote.Code.Execution.Vulnerabilities.MS15-047
Description
Microsoft SharePoint is a web application platform developed by Microsoft.
he vulnerabilities could allow remote code execution if an authenticated attacker sends specially crafted page content to a SharePoint server. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site.
Affected Products
Microsoft SharePoint Server 2007 SP3
Microsoft SharePoint Server 2010 SP2
Microsoft SharePoint Server 2013 SP1
Impact
The vulnerable system can be compromised by a remote attacker to retrieve content or modify application setting on the system. Therefore there is a risk of creating a denial of service scenario, exposing sensitive information or executing arbitrary code.
Recommended Actions
Please download and apply patches as instructed in https://technet.microsoft.com/library/security/MS15-047.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |