MS14-022: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)
High Nessus Plugin ID 73981
SynopsisThe remote host is affected by multiple vulnerabilities.
DescriptionThe versions of Office SharePoint Server, Office Web Apps, SharePoint Client Components SDK, or SharePoint Designer installed on the remote host are affected by multiple vulnerabilities :
- A code execution vulnerability exists in Microsoft SharePoint Server. (CVE-2014-0251)
- A cross-site scripting vulnerability exists in Microsoft SharePoint Server. (CVE-2014-1754)
- A code execution vulnerability exists in Microsoft Web Applications. (CVE-2014-1813)
SolutionMicrosoft has released a set of patches for SharePoint Server 2007, SharePoint Server 2010, SharePoint Server 2013, and Office Web Apps 2013.