7.5

CVE-2010-3964

EPSS 90.11%
Published 16.12.2010 19:33:03
Last modified 11.04.2025 00:51:21
Source secure@microsoft.com
Teams watchlist Login
Open Login

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx32

Microsoft ≫ Sharepoint Server Version2007 Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	90.11%	0.996

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US Government Resource

http://osvdb.org/69817

http://secunia.com/advisories/42631

Vendor Advisory

http://www.securityfocus.com/bid/45264

http://www.securitytracker.com/id?1024886

http://www.vupen.com/english/advisories/2010/3226

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-10-287/

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11737

https://nvd.nist.gov/vuln/detail/CVE-2010-3964

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3964

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3964

EUVD