MS.Sharepoint.Remote.Code.Execution.Vulnerabilities.MS15-047

description-logoDescription

Microsoft SharePoint is a web application platform developed by Microsoft.
he vulnerabilities could allow remote code execution if an authenticated attacker sends specially crafted page content to a SharePoint server. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site.

affected-products-logoAffected Products

Microsoft SharePoint Server 2007 SP3
Microsoft SharePoint Server 2010 SP2
Microsoft SharePoint Server 2013 SP1

Impact logoImpact

The vulnerable system can be compromised by a remote attacker to retrieve content or modify application setting on the system. Therefore there is a risk of creating a denial of service scenario, exposing sensitive information or executing arbitrary code.

recomended-action-logoRecommended Actions

Please download and apply patches as instructed in https://technet.microsoft.com/library/security/MS15-047.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)