Executive Summary

Summary
Title Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)
Informations
Name MS12-058 First vendor Publication 2012-08-14
Vendor Microsoft Last vendor Modification 2012-11-20
Severity (Vendor) Critical Revision 2.2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 2.1 Attack Range Local
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V2.2 (November 20, 2012): Corrected the update package names, registry verification keys, and log file names for the KB2756497 and KB2756496 updates where incorrect in this bulletin. These are informational changes only. The download pages and associated Knowledge Base articles already contained the correct information.

Summary: This security update resolves publicly disclosed vulnerabilities in Microsoft Exchange Server WebReady Document Viewing. The vulnerabilities could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA). The transcoding service in Exchange that is used for WebReady Document Viewing is running in the LocalService account. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms12-058

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14834
 
Oval ID: oval:org.mitre.oval:def:14834
Title: Oracle Outside In contains multiple exploitable vulnerabilities - XII
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-3109
Version: 6
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14882
 
Oval ID: oval:org.mitre.oval:def:14882
Title: Oracle Outside In contains multiple exploitable vulnerabilities - V
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1770
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15275
 
Oval ID: oval:org.mitre.oval:def:15275
Title: Oracle Outside In contains multiple exploitable vulnerabilities - III
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1768
Version: 6
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15323
 
Oval ID: oval:org.mitre.oval:def:15323
Title: Oracle Outside In contains multiple exploitable vulnerabilities - VII
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1772
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15568
 
Oval ID: oval:org.mitre.oval:def:15568
Title: Oracle Outside In contains multiple exploitable vulnerabilities - VIII
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1773
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15608
 
Oval ID: oval:org.mitre.oval:def:15608
Title: Oracle Outside In contains multiple exploitable vulnerabilities - IX
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-3106
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15648
 
Oval ID: oval:org.mitre.oval:def:15648
Title: Oracle Outside In contains multiple exploitable vulnerabilities - X
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-3107
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15668
 
Oval ID: oval:org.mitre.oval:def:15668
Title: Oracle Outside In contains multiple exploitable vulnerabilities - VI
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1771
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15721
 
Oval ID: oval:org.mitre.oval:def:15721
Title: Oracle Outside In contains multiple exploitable vulnerabilities - IV
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1769
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15724
 
Oval ID: oval:org.mitre.oval:def:15724
Title: Oracle Outside In contains multiple exploitable vulnerabilities - I
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1766
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15747
 
Oval ID: oval:org.mitre.oval:def:15747
Title: Oracle Outside In contains multiple exploitable vulnerabilities - XIII
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-3110
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15804
 
Oval ID: oval:org.mitre.oval:def:15804
Title: Oracle Outside In contains multiple exploitable vulnerabilities - XI
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-3108
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15812
 
Oval ID: oval:org.mitre.oval:def:15812
Title: Oracle Outside In contains multiple exploitable vulnerabilities - II
Description: Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1767
Version: 5
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s): Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft FAST Search Server 2010 for SharePoint
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4

OpenVAS Exploits

Date Description
2012-10-10 Name : Microsoft FAST Search Server 2010 for SharePoint RCE Vulnerabilities (2742321)
File : nvt/secpod_ms12-067.nasl
2012-08-15 Name : MS Exchange Server WebReady Document Viewing Remote Code Execution Vulnerabil...
File : nvt/secpod_ms12-058.nasl

Snort® IPS/IDS

Date Description
2017-08-15 Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt
RuleID : 43560 - Revision : 1 - Type : FILE-OTHER
2014-01-10 Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt
RuleID : 23806 - Revision : 10 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date Description
2012-10-10 Name : The remote Windows host is affected by multiple code execution vulnerabilities.
File : smb_nt_ms12-067.nasl - Type : ACT_GATHER_INFO
2012-10-09 Name : An archiving application installed on the remote host has multiple vulnerabil...
File : symantec_enterprise_vault_sym12-015.nasl - Type : ACT_GATHER_INFO
2012-09-24 Name : The remote Windows host has an application that is affected by a buffer overf...
File : groupwise_ia_803_hp1.nasl - Type : ACT_GATHER_INFO
2012-08-15 Name : The remote mail server has multiple code execution vulnerabilities.
File : smb_nt_ms12-058.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2014-02-17 11:47:25
  • Multiple Updates
2013-07-09 13:22:09
  • Multiple Updates
2012-12-28 13:19:25
  • Multiple Updates
2012-11-21 00:20:30
  • Multiple Updates
2012-11-21 00:17:04
  • Multiple Updates