MS15-047: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (3058083)
High Nessus Plugin ID 83357
SynopsisThe remote host is affected by a remote code execution vulnerability.
DescriptionThe remote Windows host has a version of Microsoft SharePoint Server that is affected by a remote code execution vulnerability due to not properly sanitizing specially crafted page content. An authenticated, remote attacker, by sending a malicious page to a SharePoint server, can exploit this to run arbitrary code in the security context of the W3WP service account.
SolutionMicrosoft has released a set of patches for SharePoint Server 2007, 2010, and 2013.