CVE-2014-0251

CWE-94Code Injection3 documents3 sources
Severity
9.0CRITICAL
EPSS
19.6%
top 4.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Microsoft Office WEB Apps ServerMicrosoft Project ServerMicrosoft Sharepoint Designer+5 more
Timeline
PublishedMay 14
Latest updateMay 14

Description

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications 2010 SP1 and SP2; Office Web Apps Server 2013 Gold and SP1; SharePoint Server 2013 Client Components SDK; and SharePoint Designer 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1 allow remote authenticated users to execute arbitrary code via crafted

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages8 packages

NVDmicrosoft/sharepoint_server2007, 2010, 2013+2
NVDmicrosoft/sharepoint_designer2007, 2010, 2013+2

🔴Vulnerability Details

2
GHSA
GHSA-hcw7-j5pr-h3vx: Microsoft Windows SharePoint Services 32022-05-14
CVEList
CVE-2014-0251: Microsoft Windows SharePoint Services 32014-05-14
CVE-2014-0251 (CRITICAL CVSS 9) | Microsoft Windows SharePoint Servic | cvebase.io