Check: 2013-B-0136
Windows 2012 IAVM:
2013-B-0136
(in version v1 r30)
Title
Microsoft SharePoint Remote Code Execution Vulnerability (Cat II impact)
Discussion
Microsoft has released a security bulletin addressing a vulnerability in Microsoft SharePoint. To exploit this vulnerability, an attacker would send specially crafted page content to a SharePoint server. If successfully exploited, this vulnerability would allow an attacker to run arbitrary code in the security context of the W3WP service account on the target SharePoint site and compromise the affected system.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-42583
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |