Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2015-1700 | First vendor Publication | 2015-05-13 |
| Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page Content Vulnerabilities." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1700 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:28924 | |||
| Oval ID: | oval:org.mitre.oval:def:28924 | ||
| Title: | Microsoft SharePoint page content vulnerabilities – CVE-2015-1700 (MS15-047) | ||
| Description: | Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page Content Vulnerabilities." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2015-1700 | Version: | 4 |
| Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 7 Microsoft Windows 8 | Product(s): | Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 3 |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2015-05-14 | IAVM : 2015-A-0104 - Microsoft SharePoint Remote Code Execution Vulnerability (MS15-047) Severity : Category II - VMSKEY : V0060645 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-05-12 | Name : The remote host is affected by a remote code execution vulnerability. File : smb_nt_ms15-047.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
| Source | Url |
|---|---|
| MS | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15... |
| SECTRACK | http://www.securitytracker.com/id/1032296 |
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:38:39 |
|
| 2021-04-22 01:47:22 |
|
| 2020-05-23 00:44:31 |
|
| 2018-10-13 05:18:53 |
|
| 2017-01-03 09:23:13 |
|
| 2016-04-27 02:08:44 |
|
| 2015-10-18 17:23:39 |
|
| 2015-05-21 00:28:26 |
|
| 2015-05-19 21:30:03 |
|
| 2015-05-14 21:29:22 |
|
| 2015-05-13 17:26:26 |
|
