The host is installed with Microsoft Sharepoint Server 2007, 2010, Sharepoint Foundation 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle specially crafted page content. Successful exploitation could allow attackers to execute arbitrary code in the security context of the W3WP service account.