Executive Summary
Summary | |
---|---|
Title | Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005) |
Informations | |||
---|---|---|---|
Name | MS10-104 | First vendor Publication | 2010-12-14 |
Vendor | Microsoft | Last vendor Modification | 2010-12-14 |
Severity (Vendor) | Important | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft SharePoint. The vulnerability could allow remote code execution in the security context of a guest user if an attacker sent a specially crafted SOAP request to the Document Conversions Launcher Service in a SharePoint server environment that is using the Document Conversions Load Balancer Service. By default, the Document Conversions Load Balancer Service and Document Conversions Launcher Service are not enabled in Microsoft Office SharePoint Server 2007. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-104.mspx |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11737 | |||
Oval ID: | oval:org.mitre.oval:def:11737 | ||
Title: | Malformed Request Code Execution Vulnerability | ||
Description: | Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3964 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Server 2008 | Product(s): | Microsoft Office SharePoint Server 2007 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
SAINT Exploits
Description | Link |
---|---|
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2012-07-31 | Microsoft Office SharePoint Server 2007 Remote Code Execution |
OpenVAS Exploits
Date | Description |
---|---|
2010-12-29 | Name : Microsoft SharePoint Could Allow Remote Code Execution Vulnerability (2455005) File : nvt/secpod_ms10-104.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69817 | Microsoft SharePoint Office Document Load Balancer Crafted SOAP Request Remot... Microsoft SharePoint contains a flaw related to a validation error when processing SOAP requests sent to the Document Conversions Launcher Service. The issue is triggered when a remote attacker uses a specially crafted request to upload an arbitrary file to an affected server. This may allow an attacker to execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Office SharePoint document conversion remote code excution attempt RuleID : 18238 - Revision : 13 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-12-15 | Name : The remote host has a remote code execution vulnerability. File : smb_nt_ms10-104.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:49 |
|
2014-01-19 21:30:35 |
|