CVE-2019-1295

Description

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296.

Affected products

• Microsoft / Microsoft SharePoint Enterprise Server2016 – 2016
• Microsoft / Microsoft SharePoint Foundation2010 Service Pack 2 – 2010 Service Pack 2
• Microsoft / Microsoft SharePoint Foundation2013 Service Pack 1 – 2013 Service Pack 1
• Microsoft / Microsoft SharePoint Server2019 – 2019

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1295