|
Description
|
|
Multiple vulnerabilities have been reported in Microsoft SharePoint, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) An error when handling an unassigned workflow can be exploited to cause the W3WP process to stop responding via a specially crafted URL.
2) An error when handling certain objects can be exploited to corrupt memory.
For more information see vulnerability #1:
SA54739
3) An error related to MAC exists when handling unassigned workflows.
Successful exploitation of the vulnerabilities #2 and #3 allows execution of arbitrary code.
4) Input passed via the "ms-descriptionText > ctl00_PlaceHolderDialogBodySection_PlaceHolderDialogBodyMainSection_ValSummary" parameter related to metadata storage assignment of the BDC permission management within the "Sharepoint Online Cloud 2013 Service" section is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.
5) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
6) Multiple unspecified errors can be exploited to cause memory corruption.
For more information see vulnerability #2 in:
SA54737
|
