Microsoft Security Response Center

*What is the attack vector for this vulnerability?* In a network-based attack, an authenticated attacker can gain access to create a site and could execute code remotely within the SharePoint Server.

*Is the Preview Pane an attack vector for this vulnerability?* Yes, the Preview Pane is an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*What kind of information can be disclosed?* An attacker can gain access to an organizational's email, sites, filename, url of file...

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*Is the Preview Pane an attack vector for this vulnerability?* No, the Preview Pane is not an attack vector.

*What type of information could be disclosed by this vulnerability?* The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.