ID CVE-2010-3964
Summary Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability." Additional information from Microsoft can be found here: http://blogs.technet.com/b/srd/archive/2010/12/14/ms10-104-sharepoint-2007-vulnerability.aspx Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type'
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*
  • cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*
CVSS
Base: 7.5 (as of 12-10-2018 - 21:58)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector NETWORK
Complexity LOW
Authentication NONE
Impact
Confidentiality PARTIAL
Integrity PARTIAL
Availability PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
msbulletin via4
bulletin_id MS10-104
bulletin_url
date 2010-12-14T00:00:00
impact Remote Code Execution
knowledgebase_id 2455005
knowledgebase_url
severity Important
title Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution
oval via4
accepted 2011-01-24T04:00:07.602-05:00
class vulnerability
contributors
name Josh Turpin
organization Symantec Corporation
definition_extensions
comment Microsoft Office SharePoint Server 2007 is installed.
oval oval:org.mitre.oval:def:2313
description Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
family windows
id oval:org.mitre.oval:def:11737
status accepted
submitted 2010-06-08T13:00:00
title Malformed Request Code Execution Vulnerability
version 7
refmap via4
bid 45264
cert TA10-348A
misc http://www.zerodayinitiative.com/advisories/ZDI-10-287/
osvdb 69817
sectrack 1024886
secunia 42631
vupen ADV-2010-3226
saint via4
bid 45264
description Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
id win_patch_sharept200710104
osvdb 69817
title ms_sharepoint_file_upload_via_malformed_soap
type remote
Last major update 12-10-2018 - 21:58
Published 16-12-2010 - 19:33
Last modified 12-10-2018 - 21:58