Lucene search
AnonymousZDI-21-276HistoryMar 11, 2021 - 12:00 a.m.
Microsoft SharePoint InfoPath List Deserialization of Untrusted Data Remote Code Execution Vulnerability
2021-03-1100:00:00
Anonymous
www.zerodayinitiative.com
113
0.053 Low
EPSS
Percentile
93.1%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of InfoPath attachments. Tampering with client-side data can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the SharePoint web server process.
Related
prion
prion
Remote code execution
2021-03-11 16:15:00
nessus
nessus
Security Updates for Microsoft SharePoint Server 2010 (March 2021)
2021-03-12 00:00:00
Security Updates for Microsoft SharePoint Server 2013 (March 2021)
2021-03-12 00:00:00
Security Updates for Microsoft Sharepoint 2016 (March 2021)
2021-03-12 00:00:00
cvelist
cvelist
mscve
mscve
Microsoft SharePoint Server Remote Code Execution Vulnerability
2021-03-09 08:00:00
nvd
nvd
CVE-2021-27076
2021-03-11 16:15:18
mskb
mskb
attackerkb
attackerkb
CVE-2021-27076
2021-03-11 00:00:00
cve
cve
CVE-2021-27076
2021-03-11 16:15:18
checkpoint_advisories
checkpoint_advisories
Microsoft SharePoint Server Remote Code Execution (CVE-2021-27076)
2021-03-09 00:00:00
threatpost
threatpost
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
2021-03-09 22:12:56
kaspersky
kaspersky
KLA12109 Multiple vulnerabilities in Microsoft Office
2021-03-09 00:00:00
thn
thn
rapid7blog
rapid7blog
Patch Tuesday - March 2021
2021-03-09 22:13:03