CVE-2013-5059

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-5059
Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web Apps 2013, allows remote attackers to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerabilities."

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-100
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:office_web_apps:2013:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2013:*:*:*:*:*:*:*
History

No history.

Information

Published : 2013-12-11 00:55

Updated : 2024-02-04 18:16

NVD link : CVE-2013-5059

Mitre link : CVE-2013-5059

CVE.ORG link : CVE-2013-5059

JSON object : View

Products Affected

microsoft

  • office_web_apps
  • sharepoint_server
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')