Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0251

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2014-0251
Last Modified 07 Aug 2015 01:42:25
Published 14 May 2014 07:13:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-0251

Summary

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gold and SP1; SharePoint Server 2013 Client Components SDK; and SharePoint Designer 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office Web Apps Server 2013

  • Microsoft Project Server 2010

  • Microsoft Project Server 2013

  • Microsoft Sharepoint Designer 2007

  • Microsoft Sharepoint Designer 2010

  • Microsoft Sharepoint Designer 2013

  • Microsoft Sharepoint Foundation 2010

  • Microsoft Sharepoint Foundation 2013

  • Microsoft Sharepoint Server 2007

  • Microsoft Sharepoint Server 2010

  • Microsoft Sharepoint Server 2013

  • Microsoft Sharepoint Server Client Components Sdk 2013

  • Microsoft Sharepoint Services 3.0

  • Microsoft Web Applications 2010


References

MS - MS14-022

SECTRACK - 1030227

Related Patches

MS14-022 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863863)

MS14-022 Security Update for Microsoft Office Web Apps Server 2013 (KB2880453)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 32-Bit Edition (KB2752096)

MS14-022 Security Update for Microsoft SharePoint Foundation 2010 (KB2837588)

MS14-022 Security Update for Microsoft Web Applications (KB2880536)

MS14-022 Security Update for Microsoft Project Server 2013 (KB2760236)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 32-Bit Edition (KB2863836)

MS14-022 Security Update for Microsoft Office 2007 suites (KB2596861)

MS14-022 Security Update for Microsoft Project Server 2010 (KB2863922)

MS14-022 Security Update for Microsoft SharePoint Server 2013 Client Components SDK 32-Bit Edition (KB2863854)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 32-Bit Edition (KB2596763)

MS14-022 Security Update for Microsoft SharePoint Designer 2010 32-Bit Edition (KB2810069)

MS14-022 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863856)

MS14-022 Security Update for Microsoft Office SharePoint Designer 2007 (KB2596810)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 32-Bit Edition (KB2596902)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 64-Bit Edition (KB2752096)

MS14-022 Security Update for Microsoft SharePoint Designer 2010 64-Bit Edition (KB2810069)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 64-Bit Edition (KB2596763)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 64-Bit Edition (KB2596902)

MS14-022 Security Update for Microsoft SharePoint Server 2013 Client Components SDK 64-Bit Edition (KB2863854)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 64-Bit Edition (KB2863836)

MS14-022 Security Update for Windows SharePoint Services 3.0 (KB2837616)

MS14-022 Security Update for 2010 Microsoft Business Productivity Servers (KB2837598)

MS14-022 Security Update for Windows SharePoint Services 3.0 x64 (KB2837616)

MS14-022 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863829)


Last Updated: 27 May 2016 11:05:13