CVE-2015-1700

Published: May 13, 2015Modified: May 6, 2026

6.0

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 6.8 / Impact: 6.4

Source: NVD

Description

Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page Content Vulnerabilities."

Affected (4)

Products: Microsoft: Sharepoint Foundation, Sharepoint Server

2 products

Sharepoint Foundation

Sharepoint Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Sharepoint Foundation	Version 2010 sp2

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Sharepoint Server	Version 2007 sp3
Microsoft Sharepoint Server	Version 2010 sp2
Microsoft Sharepoint Server	Version 2013 sp1

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.securitytracker.com/id/1032296

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-047

Source: secure@microsoft.com

http://www.securitytracker.com/id/1032296

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-047

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.