7.5
CVE-2010-3964
- EPSS 93.92%
- Veröffentlicht 16.12.2010 19:33:03
- Zuletzt bearbeitet 16.06.2026 23:23:54
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx32
Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 93.92% | 0.998 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
http://osvdb.org/69817
http://secunia.com/advisories/42631
http://www.securityfocus.com/bid/45264
http://www.securitytracker.com/id?1024886
http://www.vupen.com/english/advisories/2010/3226
http://www.zerodayinitiative.com/advisories/ZDI-10-287/
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11737