View products that ...">MS13-067: Vulnerabilities in Microsoft SharePoint Server cou... - vulnerability database | Vulners.comView products that ...">View products that ...">View products that ...">
Lucene search

K
mskbMicrosoftKB2834052
HistorySep 10, 2013 - 12:00 a.m.

MS13-067: Vulnerabilities in Microsoft SharePoint Server could allow remote code execution: September 10, 2013

2013-09-1000:00:00
Microsoft
support.microsoft.com
74

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

<html><body><p>Resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account.</p><h2></h2><div><br /><a href=“#appliestoproducts” target>View products that this article applies to.</a></div><h2>Introduction</h2><div>This security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account. <br /><span></span></div><h2>Summary</h2><div>Microsoft has released security bulletin MS13-067. To view the complete security bulletin, go to one of the following Microsoft websites:<br /><ul><li>Home users:<br /><div><a href=“http://www.microsoft.com/security/pc-security/updates.aspx” target=“_self”>http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br /><div><a href=“http://update.microsoft.com/microsoftupdate” target=“_self”>http://update.microsoft.com/microsoftupdate</a></div></li><li>IT professionals:<br /><div><a href=“http://technet.microsoft.com/security/bulletin/ms13-067” target=“_self”>http://technet.microsoft.com/security/bulletin/MS13-067</a></div></li></ul></div><h2></h2><div><h3>How to obtain help and support for this security update</h3>Help installing updates: <a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your computer that is running Windows from viruses and malware: <a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a></div><h2></h2><div><h3>More information about this security update</h3><h4>Known issues and additional information about this security update</h4>The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link. <br /><br /><h5>SharePoint Server</h5><br /><span>Note</span> After you install any of the following SharePoint Server security updates, you have to run the PSconfig tool to complete the installation.<br /><br /><ul><li><a href=“https://support.microsoft.com/en-us/help/2810083”>2810083 </a> MS13-067: Description of the security update for SharePoint Server 2013 (coreserverloc): September 10, 2013<br /><br /></li><li><a href=“https://support.microsoft.com/en-us/help/2817305”>2817305 </a> MS13-067: Description of the security update for SharePoint Server 2013 (wacserver): September 10, 2013 <br /></li><li><a href=“https://support.microsoft.com/en-us/help/2817315”>2817315 </a> MS13-067: Description of the security update for SharePoint Foundation 2013: September 10, 2013 <br /></li><li><a href=“https://support.microsoft.com/en-us/help/2817393”>2817393 </a> MS13-067: Description of the security update for SharePoint Server 2010 (coreserver): September 10, 2013 <br /></li><li><a href=“https://support.microsoft.com/en-us/help/2817372”>2817372 </a> MS13-067: Description of the security update for SharePoint Server 2010 (wosrv): September 10, 2013 <br /></li><li><a href=“https://support.microsoft.com/en-us/help/2810067”>2810067 </a> MS13-067: Description of the security update for SharePoint Foundation 2010: September 10, 2013 <br /></li></ul><h5>SharePoint Services</h5><br /><span>Note</span> After you install any of the following SharePoint Services security updates, you have to run the PSconfig tool to complete the installation.<br /><br /><br /><br /><ul><li><a href=“https://support.microsoft.com/en-us/help/2760420”>2760420 </a> MS13-067: Description of the security update for Windows SharePoint Services 3.0: September 10, 2013</li><li><a href=“https://support.microsoft.com/en-us/help/2810061”>2810061 </a> MS13-067: Description of the security update for Windows SharePoint Services 2.0: September 10, 2013</li></ul><h5>Office Web Services</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2760595”>2760595 </a> MS13-067: Description of the security update for Excel Services in SharePoint Server 2010: September 10, 2013</li><li><a href=“https://support.microsoft.com/en-us/help/2760589”>2760589 </a> MS13-067: Description of the security update for Excel Services in SharePoint Server 2007: September 10, 2013</li><li><a href=“https://support.microsoft.com/en-us/help/2553408”>2553408 </a> MS13-067: Description of the security update for InfoPath Forms Services in SharePoint 2010: September 10, 2013</li><li><a href=“https://support.microsoft.com/en-us/help/2760755”>2760755 </a> MS13-067: Description of the security update for Word Automation Services in SharePoint Server 2010: September 10, 2013</li></ul><h5>Office Online</h5><ul><li><a href=“https://support.microsoft.com/en-us/help/2760594”>2760594 </a> MS13-067: Description of the security update for Excel Online: September 10, 2013</li><li><a href=“https://support.microsoft.com/en-us/help/NNNNN2”></a><a href=“https://support.microsoft.com/en-us/help/2817384”>2817384 </a> MS13-067: Description of the security update for Word Online: September 10, 2013</li></ul></div><h2></h2><div><div><div><div><span><span></span></span><span><span>File hash information</span></span></div><div><span><div><div><table><tr><th>File name</th><th>SHA1 hash</th><th>SHA256 hash</th></tr><tr><td>acsrv2010-kb2553298-fullfile-x64-glb.exe</td><td>122AE7B80155F45F217F366BD2F9D4A99527F14A</td><td>D62785F2FEDF55057F8512E53FD8EE71B2C3D4CA1E2888C16D95326D19DDEF2B</td></tr><tr><td>lpsrv2010-kb2553408-fullfile-x64-glb.exe</td><td>E586AC1E65F16880847D6E6CCEFF45C3CC082AEB</td><td>54905C43EC42C9149C0FDB0683D3B4A21BE97EF18DD9B38A83B6171EF9E4463F</td></tr><tr><td>pjsrv2010-kb2553430-fullfile-x64-glb.exe</td><td>8D97F6BABEAD29D1DD7D06AD631BEA5584167FE1</td><td>3FF4F679565F7DF2B6DA0D1503D4324293DE70BEA967FCCCBD59877882CB572F</td></tr><tr><td>ppsma2010-kb2553341-fullfile-x64-glb.exe</td><td>B59A1860FE9AC5499AA5D673AA13B120636BC78D</td><td>68475D3499CF2109A605185690E052F29810A84A2401C51878B78836735FD362</td></tr><tr><td>sts2007-kb2760420-fullfile-x64-glb.exe</td><td>D04120B3D923E73F4098007966A1C236E6A0217B</td><td>8CA13F2965FB44C35791857FB300E0C8D4F573BB6518693678A1F2B58849BEE0</td></tr><tr><td>sts2007-kb2760420-fullfile-x86-glb.exe</td><td>6C92539E2E7BDEDFB760DDB69800FCF7E800C908</td><td>D9F3170B68A1A8A92AACC27C48560CEDE4606997E67BE5149B907F8DBB551DE3</td></tr><tr><td>vsrv2010-kb2553219-fullfile-x64-glb.exe</td><td>06C594E6DABF92474192DC6D971FD1206C49A4EC</td><td>63A63D9F3746AF081D81B54E4D6B686CCB1CA5AC3F03CAFFD51DF71C681DC401</td></tr><tr><td>wdsrv2010-kb2760755-fullfile-x64-glb.exe</td><td>F55883F6C0D5A5EDD2F04747880159D96A72743F</td><td>5B4F1B2D87C63D0B9DCB017FF5B09ED309A7C8402AD34694FACEB1F43150E126</td></tr><tr><td>xlsrv2010-kb2760595-fullfile-x64-glb.exe</td><td>B4D49782733AC2158F1C07177DB44320A543AC34</td><td>CAA100BC32C152A21E0391D3779360E70F8062006C938A7E2D3F51F378C0ECF0</td></tr><tr><td>xlwac2010-kb2760594-fullfile-x64-glb.exe</td><td>722CDD51E9AF23F29372D020938AEFC5DA350096</td><td>E7116450C7F9304939EFA1F74B9D0E2655243455964478DA485229CD7D55EBF3</td></tr></table></div></div><br /></span></div></div></div></div><h2></h2><div><a></a><br /><h3>Applies to</h3>This article applies to the following:<br /><ul><li>Microsoft SharePoint Server 2013</li><li>Microsoft SharePoint Foundation 2013</li><li>Microsoft SharePoint Server 2010 Service Pack 2</li><li>Microsoft SharePoint Server 2010 Service Pack 1</li><li>Microsoft SharePoint Foundation 2010</li><li>Microsoft Windows SharePoint Services 3.0</li><li>Microsoft Windows SharePoint Services 2.0</li><li>Excel Services in Microsoft SharePoint Server 2010</li><li>Excel Services in Microsoft Office SharePoint Server 2007</li><li>InfoPath Forms Services in SharePoint 2010</li><li>Word Automation Services in SharePoint Server 2010</li><li>Microsoft Excel Online</li><li>Microsoft Word Online</li></ul></div></body></html>

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C