Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1754

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-1754
Last Modified 10 Aug 2015 11:32:32
Published 14 May 2014 07:13:06
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1754

Summary

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."

Vulnerable Systems

Application

  • Microsoft Office Web Apps Server 2013

  • Microsoft Sharepoint Foundation 2013

  • Microsoft Sharepoint Server 2013

  • Microsoft Sharepoint Server Client Components Sdk 2013


References

MS - MS14-022

BID - 67288

SECTRACK - 1030227

Related Patches

MS14-022 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863863)

MS14-022 Security Update for Microsoft Office Web Apps Server 2013 (KB2880453)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 32-Bit Edition (KB2752096)

MS14-022 Security Update for Microsoft SharePoint Foundation 2010 (KB2837588)

MS14-022 Security Update for Microsoft Web Applications (KB2880536)

MS14-022 Security Update for Microsoft Project Server 2013 (KB2760236)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 32-Bit Edition (KB2863836)

MS14-022 Security Update for Microsoft Office 2007 suites (KB2596861)

MS14-022 Security Update for Microsoft Project Server 2010 (KB2863922)

MS14-022 Security Update for Microsoft SharePoint Server 2013 Client Components SDK 32-Bit Edition (KB2863854)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 32-Bit Edition (KB2596763)

MS14-022 Security Update for Microsoft SharePoint Designer 2010 32-Bit Edition (KB2810069)

MS14-022 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863856)

MS14-022 Security Update for Microsoft Office SharePoint Designer 2007 (KB2596810)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 32-Bit Edition (KB2596902)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 64-Bit Edition (KB2752096)

MS14-022 Security Update for Microsoft SharePoint Designer 2010 64-Bit Edition (KB2810069)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 64-Bit Edition (KB2596763)

MS14-022 Security Update for Microsoft Office SharePoint Server 2007 64-Bit Edition (KB2596902)

MS14-022 Security Update for Microsoft SharePoint Server 2013 Client Components SDK 64-Bit Edition (KB2863854)

MS14-022 Security Update for Microsoft SharePoint Designer 2013 64-Bit Edition (KB2863836)

MS14-022 Security Update for Windows SharePoint Services 3.0 (KB2837616)

MS14-022 Security Update for 2010 Microsoft Business Productivity Servers (KB2837598)

MS14-022 Security Update for Windows SharePoint Services 3.0 x64 (KB2837616)

MS14-022 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863829)


Last Updated: 27 May 2016 10:55:48