Количество 5
Количество 5
CVE-2020-16952
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
CVE-2020-16952
Microsoft SharePoint Remote Code Execution Vulnerability
GHSA-4xg2-wcmm-2j45
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16951.
BDU:2020-05448
Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Foundation, Microsoft SharePoint Enterprise Server, связанная с ошибкой подтверждения источника данных, позволяющая нарушителю выполнить произвольный код
BDU:2020-04828
Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Foundation, Microsoft SharePoint Enterprise Server, связанная с недостаточной проверкой вводимых даных, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-16952 <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p> | CVSS3: 8.6 | 78% Высокий | больше 5 лет назад |
 | CVE-2020-16952 Microsoft SharePoint Remote Code Execution Vulnerability | CVSS3: 8.6 | 78% Высокий | больше 5 лет назад |
| GHSA-4xg2-wcmm-2j45 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16951. | CVSS3: 8.6 | 78% Высокий | больше 3 лет назад |
 | BDU:2020-05448 Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Foundation, Microsoft SharePoint Enterprise Server, связанная с ошибкой подтверждения источника данных, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.8 | 78% Высокий | около 5 лет назад |
| BDU:2020-04828 Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Foundation, Microsoft SharePoint Enterprise Server, связанная с недостаточной проверкой вводимых даных, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.6 | 78% Высокий | больше 5 лет назад |
Уязвимостей на страницу