<p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>
<p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p>
<p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p>
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16950 | Patch Vendor Advisory |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16950 | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 05:07
Type | Values Removed | Values Added |
---|---|---|
References | () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16950 - Patch, Vendor Advisory |
31 Dec 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.0 |
Summary | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p> |
Information
Published : 2020-10-16 23:15
Updated : 2024-11-21 05:07
NVD link : CVE-2020-16950
Mitre link : CVE-2020-16950
CVE.ORG link : CVE-2020-16950
JSON object : View
Products Affected
microsoft
- sharepoint_server
CWE