{"uuid": "dfb20e5e-86b9-4c4d-9526-80a3524ec337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-0932", "type": "published-proof-of-concept", "source": "https://t.me/techpwnews/525", "content": "CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters\n\nIn April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931 and CVE-2020-0932. This blog looks at that last CVE, also known as ZDI-20-468, in greater detail. Let\u2019s start by taking a look at the bug in action.\u00a0This vulnerability allows authenticated users to execute arbitrary code ...\n\nContinue reading at Zero Day Initiative - Blog", "creation_timestamp": "2020-04-29T19:06:26.000000Z"}