7.5

CVE-2010-3964

EPSS 90.11%
Veröffentlicht 16.12.2010 19:33:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx32

Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	90.11%	0.996

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US Government Resource

http://osvdb.org/69817

http://secunia.com/advisories/42631

Vendor Advisory

http://www.securityfocus.com/bid/45264

http://www.securitytracker.com/id?1024886

http://www.vupen.com/english/advisories/2010/3226

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-10-287/

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11737

https://nvd.nist.gov/vuln/detail/CVE-2010-3964

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3964

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3964

EUVD