Vulnerabilities > CVE-2020-1147 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
microsoft
Summary
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Vulnerable Configurations
Related news
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147
- http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html
- http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
- https://www.exploitalert.com/view-details.html?id=35992
- http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html