Executive Summary

Summary
Title Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
Informations
Name MS10-104 First vendor Publication 2010-12-14
Vendor Microsoft Last vendor Modification 2010-12-14
Severity (Vendor) Important Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft SharePoint. The vulnerability could allow remote code execution in the security context of a guest user if an attacker sent a specially crafted SOAP request to the Document Conversions Launcher Service in a SharePoint server environment that is using the Document Conversions Load Balancer Service. By default, the Document Conversions Load Balancer Service and Document Conversions Launcher Service are not enabled in Microsoft Office SharePoint Server 2007.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS10-104.mspx

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11737
 
Oval ID: oval:org.mitre.oval:def:11737
Title: Malformed Request Code Execution Vulnerability
Description: Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2010-3964
Version: 4
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s): Microsoft Office SharePoint Server 2007
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

SAINT Exploits

Description Link
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability More info here

ExploitDB Exploits

id Description
2012-07-31 Microsoft Office SharePoint Server 2007 Remote Code Execution

OpenVAS Exploits

Date Description
2010-12-29 Name : Microsoft SharePoint Could Allow Remote Code Execution Vulnerability (2455005)
File : nvt/secpod_ms10-104.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
69817 Microsoft SharePoint Office Document Load Balancer Crafted SOAP Request Remot...

Microsoft SharePoint contains a flaw related to a validation error when processing SOAP requests sent to the Document Conversions Launcher Service. The issue is triggered when a remote attacker uses a specially crafted request to upload an arbitrary file to an affected server. This may allow an attacker to execute arbitrary code.

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office SharePoint document conversion remote code excution attempt
RuleID : 18238 - Revision : 13 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2010-12-15 Name : The remote host has a remote code execution vulnerability.
File : smb_nt_ms10-104.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:46:49
  • Multiple Updates
2014-01-19 21:30:35
  • Multiple Updates