MS14-073: Vulnerability in Microsoft SharePoint Foundation Could Allow Elevation of Privilege (3000431)

Medium Nessus Plugin ID 79133


The remote host is affected by a privilege escalation vulnerability.


The version of SharePoint Foundation installed on the remote Windows host is affected by a privilege escalation vulnerability due to the improper validation of page content in SharePoint lists. By exploiting this flaw, a remote authenticated attacker can run arbitrary code in the security context of the logged-on user.


Microsoft has released patches for SharePoint Foundation 2010 SP2.

See Also

Plugin Details

Severity: Medium

ID: 79133

File Name: smb_nt_ms14-073.nasl

Version: $Revision: 1.5 $

Type: local

Agent: windows

Published: 2014/11/12

Modified: 2017/07/28

Dependencies: 57033, 74250

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:sharepoint_foundation

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/11/11

Vulnerability Publication Date: 2014/11/11

Reference Information

CVE: CVE-2014-4116

BID: 70980

OSVDB: 114526

MSFT: MS14-073

MSKB: 2889838

IAVA: 2014-A-0175