Remote Code Execution Vulnerability in Microsoft SharePoint Products
CVE-2014-0251

Currently unrated

Key Information:

Vendor: Microsoft
Status: Project Server; Sharepoint Foundation; Web Applications; Sharepoint Server
Vendor: CVE Published:; 14 May 2014

Summary

This vulnerability allows remote authenticated users to execute arbitrary code on affected Microsoft SharePoint products through specially crafted page content. Successful exploitation can lead to significant security risks, enabling attackers to manipulate SharePoint resources and potentially access sensitive information.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1030227

vdb-entryx_refsource_SECTRACK

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 14, 2014
Vulnerability Reserved
Dec 3, 2013