Denial of Service Vulnerability in Microsoft SharePoint Portal and Server Products
CVE-2013-0081

Currently unrated

Key Information:

Vendor: Microsoft
Status: Sharepoint Services; Sharepoint Foundation; Sharepoint Server; Sharepoint Portal Server
Vendor: CVE Published:; 11 September 2013

Summary

Microsoft SharePoint Portal Server and various SharePoint Server versions have a vulnerability that results from improper processing of unassigned workflows. This flaw allows remote attackers to exploit the system by sending specially crafted URLs, which can lead to the W3WP process hanging and consequently deny service to legitimate users. Addressing this vulnerability is crucial for maintaining the availability and reliability of SharePoint services.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.us-cert.gov/ncas/alerts/TA13-253A

third-party-advisoryx_refsource_CERT

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 11, 2013
Vulnerability Reserved
Nov 27, 2012