Microsoft SharePoint Server Remote Privilege Escalation Vulnerabilities

Summary

Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka ‘SharePoint Page Content Vulnerability.’

Credit:

Details

Vulnerable Systems:
 * Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1

Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the currently logged-in user. Successful exploits may aid in further attacks.

CVE Information:
CVE-2014-2816

Disclosure Timeline:
Original release date: 08/12/2014
Last revised: 08/22/2014

Categories: Windows