DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562310902999", "type": "openvas", "bulletinFamily": "scanner", "title": "Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "published": "2013-09-11T00:00:00", "modified": "2020-06-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902999", "reporter": "Copyright (C) 2013 SecPod", "references": ["http://support.microsoft.com/kb/2760588", "https://technet.microsoft.com/en-us/security/bulletin/ms13-073"], "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "lastseen": "2020-06-10T19:53:54", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2013-2914", "CPAI-2013-2915"]}, {"type": "cve", "idList": ["CVE-2013-1315", "CVE-2013-3158", "CVE-2013-3159"]}, {"type": "mskb", "idList": ["KB2834052", "KB2858300"]}, {"type": "nessus", "idList": ["MACOSX_MS13-073.NASL", "SMB_NT_MS13-067.NASL", "SMB_NT_MS13-073.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902996", "OPENVAS:1361412562310902997", "OPENVAS:1361412562310902998", "OPENVAS:1361412562310903324", "OPENVAS:1361412562310903325", "OPENVAS:902996", "OPENVAS:902997", "OPENVAS:902998", "OPENVAS:902999"]}, {"type": "ptsecurity", "idList": ["PT-2013-72"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13276", "SECURITYVULNS:VULN:13278"]}, {"type": "seebug", "idList": ["SSV:61002"]}, {"type": "symantec", "idList": ["SMNTC-62167", "SMNTC-62219", "SMNTC-62225"]}], "rev": 4}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2013-2914", "CPAI-2013-2915"]}, {"type": "cve", "idList": ["CVE-2013-1315"]}, {"type": "mskb", "idList": ["KB2858300"]}, {"type": "nessus", "idList": ["SMB_NT_MS13-067.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902996"]}, {"type": "ptsecurity", "idList": ["PT-2013-72"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13276"]}, {"type": "seebug", "idList": ["SSV:61002"]}]}, "exploitation": null, "vulnersScore": 0.7}, "pluginID": "1361412562310902999", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902999\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:54:46 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML\n data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Office Compatibility Pack Service Pack 3 and prior.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760588\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/ComptPack/Version\", \"SMB/Office/XLCnv/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\ncmpPckVer = get_kb_item(\"SMB/Office/ComptPack/Version\");\nif(cmpPckVer && cmpPckVer =~ \"^12\\.\")\n{\n xlcnvVer = get_kb_item(\"SMB/Office/XLCnv/Version\");\n if(xlcnvVer && xlcnvVer =~ \"^12\\.\")\n {\n if(version_in_range(version:xlcnvVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n", "naslFamily": "Windows : Microsoft Bulletins", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 1659730939}}

{"mskb": [{"lastseen": "2021-01-01T22:40:11", "description": "<html><body><p>This security update addresses the vulnerabilities by correcting how Microsoft Excel and other affected Microsoft software validates data when parsing specially crafted Office files and by correcting how the XML parser used by Excel resolves external entities within a specially crafted file.</p><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS13-073. To view the complete security bulletin, visit one of the following Microsoft websites: <ul class=\"sbody-free_list\"><li>Home users:<div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms13-073\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS13-073</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3> Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a><br/><br/></div><h2></h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link. <ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760583\" id=\"kb-link-8\">2760583 </a> MS13-073: Description of the security update for Microsoft Office Excel 2007: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760588\" id=\"kb-link-9\">2760588 </a> MS13-073: Description of the security update for Microsoft Excel 2007 (xlconv-x-none.msp): September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760590\" id=\"kb-link-10\">2760590 </a> MS13-073: Description of the security update for Microsoft Office Excel Viewer 2007: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760597\" id=\"kb-link-11\">2760597 </a> MS13-073: Description of the security update for Microsoft Excel 2010: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2768017\" id=\"kb-link-12\">2768017 </a> MS13-073: Description of the security update for Microsoft Excel 2013: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2810048\" id=\"kb-link-13\">2810048 </a> MS13-073: Description of the security update for Microsoft Excel 2003: September 10, 2013</li></ul><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">excel2007-kb2760583-fullfile-x86-glb.exe</td><td class=\"sbody-td\">8FD16A3D1C4DA075891721202BC5734B75229F21</td><td class=\"sbody-td\">A741EA7CE7FABB40D011C3141EBBB06C6B6473DB23B57D90A8A52A24A5820AE0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">excel2010-kb2760597-fullfile-x64-glb.exe</td><td class=\"sbody-td\">EA9BEBA1E7D06C13531A67671A5E73259FBDE93D</td><td class=\"sbody-td\">134497AEA1D38DB03032CD58BFF4B619D8CD16938709E1EE7F73EDFCE59A6CDF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">excel2010-kb2760597-fullfile-x86-glb.exe</td><td class=\"sbody-td\">0A329ED77A783DBAE7DB221DEA444E2508671A38</td><td class=\"sbody-td\">FE471E005A512AD64B9F4DD9CE653741A7874E6088D48E6BD78F3C582191832A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">graph2010-kb2687275-fullfile-x64-glb.exe</td><td class=\"sbody-td\">07D569E5CA650CB5E4BDF090E4BE6EAC91511018</td><td class=\"sbody-td\">98999DDB40B437D0A2E9C9DA6827F6A369F7D914E0FF1E6F0A8AD468797CFC13</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">graph2010-kb2687275-fullfile-x86-glb.exe</td><td class=\"sbody-td\">71598A0D6E189AD0D4E4785EC5ACC2A4F4823814</td><td class=\"sbody-td\">32458E0DDDBD6D9805C94E419B567050AE0943CFC8B333FBAAA7734033F38AE2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wdsrv2010-kb2760755-fullfile-x64-glb.exe</td><td class=\"sbody-td\">F55883F6C0D5A5EDD2F04747880159D96A72743F</td><td class=\"sbody-td\">5B4F1B2D87C63D0B9DCB017FF5B09ED309A7C8402AD34694FACEB1F43150E126</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlconv2007-kb2760588-fullfile-x86-glb.exe</td><td class=\"sbody-td\">60F61CB663E9562E32799E2188D11DB346313E31</td><td class=\"sbody-td\">6644B99D1A83B7D32D8D9C8A90FEE7742160A3B6F020FE3BF303FE454CD0ABEB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrv2010-kb2760595-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B4D49782733AC2158F1C07177DB44320A543AC34</td><td class=\"sbody-td\">CAA100BC32C152A21E0391D3779360E70F8062006C938A7E2D3F51F378C0ECF0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvapp2007-kb2760589-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B188BF54191B670760C514ED44A8066FC03A528A</td><td class=\"sbody-td\">295C2683D3D0BC90604694735F1C20C98B350217BEC7BCB8F0E35A8567F9D768</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvapp2007-kb2760589-fullfile-x86-glb.exe</td><td class=\"sbody-td\">6E90D96E807A8694CEBFA1459F2AB696FDD56DF6</td><td class=\"sbody-td\">6AA3CC62A521B10629C4998567A63A3BEC61F48243780AA79C40F96FAF7B8B44</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlview2007-kb2760590-fullfile-x86-glb.exe</td><td class=\"sbody-td\">55C7B6442366AFC6EACFDF6047EA9F1335933B0D</td><td class=\"sbody-td\">EF672F28301954566CC33E9425155729AF1EF9E350EB055E735DF464DB1A9F95</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlwac2010-kb2760594-fullfile-x64-glb.exe</td><td class=\"sbody-td\">722CDD51E9AF23F29372D020938AEFC5DA350096</td><td class=\"sbody-td\">E7116450C7F9304939EFA1F74B9D0E2655243455964478DA485229CD7D55EBF3</td></tr></table></div></div><br/></span></div></div></div></div></body></html>", "edition": 2, "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "mskb", "title": "MS13-073: Vulnerabilities in Microsoft Excel could allow remote code execution: September 10, 2013", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2013-09-10T17:10:48", "id": "KB2858300", "href": "https://support.microsoft.com/en-us/help/2858300/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:49:53", "description": "<html><body><p>Resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account.</p><h2></h2><div class=\"kb-summary-section section\"><br/><a bookmark-id=\"appliestoproducts\" href=\"#appliestoproducts\" managed-link=\"\" target=\"\">View products that this article applies to.</a></div><h2>Introduction</h2><div class=\"kb-summary-section section\">This security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account. <br/><span></span></div><h2>Summary</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS13-067. To view the complete security bulletin, go to one of the following Microsoft websites:<br/><ul class=\"sbody-free_list\"><li>Home users:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate</a></div></li><li>IT professionals:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms13-067\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS13-067</a></div></li></ul></div><h2></h2><div class=\"kb-summary-section section\"><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a></div><h2></h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">More information about this security update</h3><h4 class=\"sbody-h4\">Known issues and additional information about this security update</h4>The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link. <br/><br/><h5 class=\"sbody-h5 text-subtitle\">SharePoint Server</h5><br/><span class=\"text-base\">Note</span> After you install any of the following SharePoint Server security updates, you have to run the PSconfig tool to complete the installation.<br/><br/><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2810083\" id=\"kb-link-8\">2810083 </a> MS13-067: Description of the security update for SharePoint Server 2013 (coreserverloc): September 10, 2013<br/><br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817305\" id=\"kb-link-9\">2817305 </a> MS13-067: Description of the security update for SharePoint Server 2013 (wacserver): September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817315\" id=\"kb-link-10\">2817315 </a> MS13-067: Description of the security update for SharePoint Foundation 2013: September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817393\" id=\"kb-link-11\">2817393 </a> MS13-067: Description of the security update for SharePoint Server 2010 (coreserver): September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817372\" id=\"kb-link-12\">2817372 </a> MS13-067: Description of the security update for SharePoint Server 2010 (wosrv): September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2810067\" id=\"kb-link-13\">2810067 </a> MS13-067: Description of the security update for SharePoint Foundation 2010: September 10, 2013 <br/></li></ul><h5 class=\"sbody-h5 text-subtitle\">SharePoint Services</h5><br/><span class=\"text-base\">Note</span> After you install any of the following SharePoint Services security updates, you have to run the PSconfig tool to complete the installation.<br/><br/><br/><br/><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760420\" id=\"kb-link-14\">2760420 </a> MS13-067: Description of the security update for Windows SharePoint Services 3.0: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2810061\" id=\"kb-link-15\">2810061 </a> MS13-067: Description of the security update for Windows SharePoint Services 2.0: September 10, 2013</li></ul><h5 class=\"sbody-h5 text-subtitle\">Office Web Services</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760595\" id=\"kb-link-16\">2760595 </a> MS13-067: Description of the security update for Excel Services in SharePoint Server 2010: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760589\" id=\"kb-link-17\">2760589 </a> MS13-067: Description of the security update for Excel Services in SharePoint Server 2007: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2553408\" id=\"kb-link-18\">2553408 </a> MS13-067: Description of the security update for InfoPath Forms Services in SharePoint 2010: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760755\" id=\"kb-link-19\">2760755 </a> MS13-067: Description of the security update for Word Automation Services in SharePoint Server 2010: September 10, 2013</li></ul><h5 class=\"sbody-h5 text-subtitle\">Office Online</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760594\" id=\"kb-link-20\">2760594 </a> MS13-067: Description of the security update for Excel Online: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/NNNNN2\" id=\"kb-link-21\"></a><a href=\"https://support.microsoft.com/en-us/help/2817384\" id=\"kb-link-22\">2817384 </a> MS13-067: Description of the security update for Word Online: September 10, 2013</li></ul></div><h2></h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">acsrv2010-kb2553298-fullfile-x64-glb.exe</td><td class=\"sbody-td\">122AE7B80155F45F217F366BD2F9D4A99527F14A</td><td class=\"sbody-td\">D62785F2FEDF55057F8512E53FD8EE71B2C3D4CA1E2888C16D95326D19DDEF2B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">lpsrv2010-kb2553408-fullfile-x64-glb.exe</td><td class=\"sbody-td\">E586AC1E65F16880847D6E6CCEFF45C3CC082AEB</td><td class=\"sbody-td\">54905C43EC42C9149C0FDB0683D3B4A21BE97EF18DD9B38A83B6171EF9E4463F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">pjsrv2010-kb2553430-fullfile-x64-glb.exe</td><td class=\"sbody-td\">8D97F6BABEAD29D1DD7D06AD631BEA5584167FE1</td><td class=\"sbody-td\">3FF4F679565F7DF2B6DA0D1503D4324293DE70BEA967FCCCBD59877882CB572F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ppsma2010-kb2553341-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B59A1860FE9AC5499AA5D673AA13B120636BC78D</td><td class=\"sbody-td\">68475D3499CF2109A605185690E052F29810A84A2401C51878B78836735FD362</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2760420-fullfile-x64-glb.exe</td><td class=\"sbody-td\">D04120B3D923E73F4098007966A1C236E6A0217B</td><td class=\"sbody-td\">8CA13F2965FB44C35791857FB300E0C8D4F573BB6518693678A1F2B58849BEE0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2760420-fullfile-x86-glb.exe</td><td class=\"sbody-td\">6C92539E2E7BDEDFB760DDB69800FCF7E800C908</td><td class=\"sbody-td\">D9F3170B68A1A8A92AACC27C48560CEDE4606997E67BE5149B907F8DBB551DE3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">vsrv2010-kb2553219-fullfile-x64-glb.exe</td><td class=\"sbody-td\">06C594E6DABF92474192DC6D971FD1206C49A4EC</td><td class=\"sbody-td\">63A63D9F3746AF081D81B54E4D6B686CCB1CA5AC3F03CAFFD51DF71C681DC401</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wdsrv2010-kb2760755-fullfile-x64-glb.exe</td><td class=\"sbody-td\">F55883F6C0D5A5EDD2F04747880159D96A72743F</td><td class=\"sbody-td\">5B4F1B2D87C63D0B9DCB017FF5B09ED309A7C8402AD34694FACEB1F43150E126</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrv2010-kb2760595-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B4D49782733AC2158F1C07177DB44320A543AC34</td><td class=\"sbody-td\">CAA100BC32C152A21E0391D3779360E70F8062006C938A7E2D3F51F378C0ECF0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlwac2010-kb2760594-fullfile-x64-glb.exe</td><td class=\"sbody-td\">722CDD51E9AF23F29372D020938AEFC5DA350096</td><td class=\"sbody-td\">E7116450C7F9304939EFA1F74B9D0E2655243455964478DA485229CD7D55EBF3</td></tr></table></div></div><br/></span></div></div></div></div><h2></h2><div class=\"kb-moreinformation-section section\"><a class=\"bookmark\" id=\"appliestoproducts\"></a><br/><h3 class=\"sbody-h3\">Applies to</h3>This article applies to the following:<br/><ul class=\"sbody-free_list\"><li>Microsoft SharePoint Server 2013</li><li>Microsoft SharePoint Foundation 2013</li><li>Microsoft SharePoint Server 2010 Service Pack 2</li><li>Microsoft SharePoint Server 2010 Service Pack 1</li><li>Microsoft SharePoint Foundation 2010</li><li>Microsoft Windows SharePoint Services 3.0</li><li>Microsoft Windows SharePoint Services 2.0</li><li>Excel Services in Microsoft SharePoint Server 2010</li><li>Excel Services in Microsoft Office SharePoint Server 2007</li><li>InfoPath Forms Services in SharePoint 2010</li><li>Word Automation Services in SharePoint Server 2010</li><li>Microsoft Excel Online</li><li>Microsoft Word Online</li></ul></div></body></html>", "edition": 2, "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "mskb", "title": "MS13-067: Vulnerabilities in Microsoft SharePoint Server could allow remote code execution: September 10, 2013", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3179", "CVE-2013-3858", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2014-04-18T03:03:01", "id": "KB2834052", "href": "https://support.microsoft.com/en-us/help/2834052/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-02T21:11:03", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2017-05-11T00:00:00", "id": "OPENVAS:902997", "href": "http://plugins.openvas.org/nasl.php?oid=902997", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_excel_ms13-073.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902997);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:11:33 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\nImpact Level: Application \";\n\n tag_affected =\n\"Microsoft Excel 2013\nMicrosoft Excel 2003 Service Pack 3 and prior\nMicrosoft Excel 2007 Service Pack 3 and prior\nMicrosoft Excel 2010 Service Pack 2 and prior\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-073\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2810048\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760583\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760597\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2768017\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Excel/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Variable Initialization\nexcelVer = \"\";\n\n## Check for Office Excel 2003/2007/2010/2013\nexcelVer = get_kb_item(\"SMB/Office/Excel/Version\");\nif(excelVer =~ \"^(11|12|14|15)\\..*\")\n{\n ## Check version Excel.exe\n if(version_in_range(version:excelVer, test_version:\"11.0\", test_version2:\"11.0.8403\") ||\n version_in_range(version:excelVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\") ||\n version_in_range(version:excelVer, test_version:\"14.0\", test_version2:\"14.0.7104.4999\") ||\n version_in_range(version:excelVer, test_version:\"15.0\", test_version2:\"15.0.4535.1002\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-08T14:02:23", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310902997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902997", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902997\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:11:33 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Excel 2013\n\n - Microsoft Excel 2003 Service Pack 3 and prior\n\n - Microsoft Excel 2007 Service Pack 3 and prior\n\n - Microsoft Excel 2010 Service Pack 2 and prior\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2810048\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760583\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760597\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2768017\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Excel/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\nexcelVer = get_kb_item(\"SMB/Office/Excel/Version\");\nif(excelVer =~ \"^1[1245]\\.\")\n{\n if(version_in_range(version:excelVer, test_version:\"11.0\", test_version2:\"11.0.8403\") ||\n version_in_range(version:excelVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\") ||\n version_in_range(version:excelVer, test_version:\"14.0\", test_version2:\"14.0.7104.4999\") ||\n version_in_range(version:excelVer, test_version:\"15.0\", test_version2:\"15.0.4535.1002\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:10", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2017-05-12T00:00:00", "id": "OPENVAS:902998", "href": "http://plugins.openvas.org/nasl.php?oid=902998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_excel_viewer_ms13-073.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902998);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:36:18 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\nImpact Level: Application \";\n\n tag_affected =\n\"Microsoft Office Excel Viewer 2007\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-073\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54739\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760590\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/XLView/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Variable Initialization\nexcelviewVer = \"\";\n\n## Microsoft Office Excel Viewer 2007\nexcelviewVer = get_kb_item(\"SMB/Office/XLView/Version\");\nif(excelviewVer =~ \"^12\\..*\")\n{\n ## check for Xlview.exe version\n if(version_in_range(version:excelviewVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:07", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2017-05-08T00:00:00", "id": "OPENVAS:902999", "href": "http://plugins.openvas.org/nasl.php?oid=902999", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_office_compatibility_pack_ms13-073.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902999);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:54:46 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\nImpact Level: Application \";\n\n tag_affected =\n\"Microsoft Office Compatibility Pack Service Pack 3 and prior\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-073\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54739\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760588\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/ComptPack/Version\", \"SMB/Office/XLCnv/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Variable Initialization\nxlcnvVer = \"\";\n\n## Check for Office Compatibility Pack 2007 and 2007\nif(get_kb_item(\"SMB/Office/ComptPack/Version\") =~ \"^12\\..*\")\n{\n xlcnvVer = get_kb_item(\"SMB/Office/XLCnv/Version\");\n if(xlcnvVer)\n {\n ## Check for Office Excel Converter 2007\n if(version_in_range(version:xlcnvVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:15", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2016-11-18T00:00:00", "id": "OPENVAS:902996", "href": "http://plugins.openvas.org/nasl.php?oid=902996", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms13-073_macosx.nasl 4570 2016-11-18 10:17:05Z antu123 $\n#\n# Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902996);\n script_version(\"$Revision: 4570 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-11-18 11:17:05 +0100 (Fri, 18 Nov 2016) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 12:29:56 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\n Impact Level: Application \";\n\n tag_affected =\n\"Microsoft Office 2011 on Mac OS X\";\n\n tag_solution =\n\"Apply the patch from below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms13-073 \";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54739/\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gb_microsoft_office_detect_macosx.nasl\");\n script_mandatory_keys(\"MS/Office/MacOSX/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\noffVer = \"\";\n\n## Get the version from KB\noffVer = get_kb_item(\"MS/Office/MacOSX/Ver\");\n\n## check the version from KB\nif(!offVer || !(offVer =~ \"^(14)\")){\n exit(0);\n}\n\n## Check for Office Version < 2011 (14.3.7)\nif(version_in_range(version:offVer, test_version:\"14.0\", test_version2:\"14.3.6\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-10T19:53:15", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902996", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902996", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902996\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 12:29:56 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Office 2011 on Mac OS X.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073\");\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gb_microsoft_office_detect_macosx.nasl\");\n script_mandatory_keys(\"MS/Office/MacOSX/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noffVer = get_kb_item(\"MS/Office/MacOSX/Ver\");\n\nif(!offVer || offVer !~ \"^14\\.\"){\n exit(0);\n}\n\nif(version_in_range(version:offVer, test_version:\"14.0\", test_version2:\"14.3.6\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-10T19:53:10", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902998\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:36:18 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Office Excel Viewer 2007.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760590\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/XLView/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n## Microsoft Office Excel Viewer 2007\nexcelviewVer = get_kb_item(\"SMB/Office/XLView/Version\");\nif(excelviewVer =~ \"^12\\.\")\n{\n if(version_in_range(version:excelviewVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n report = report_fixed_ver(installed_version:excelviewVer, vulnerable_range:\"12.0 - 12.0.6679.4999\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:02:56", "description": "This host is missing an important security update according to Microsoft\n Bulletin MS13-067.", "cvss3": {}, "published": "2013-10-09T00:00:00", "type": "openvas", "title": "Microsoft Office Services Remote Code Execution vulnerability (2834052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310903325", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903325", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Services Remote Code Execution vulnerability (2834052)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:microsoft:sharepoint_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903325\");\n script_version(\"2020-01-07T09:06:32+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-3179\", \"CVE-2013-3180\", \"CVE-2013-0081\",\n \"CVE-2013-1315\");\n script_bugtraq_id(62221, 62227, 62254, 62205, 62167);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 09:06:32 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-09 15:37:45 +0530 (Wed, 09 Oct 2013)\");\n script_name(\"Microsoft Office Services Remote Code Execution vulnerability (2834052)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to Microsoft\n Bulletin MS13-067.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple Flaws are due to,\n\n - An error when handling an unassigned workflow can be exploited to cause the\n W3WP process to stop responding via a specially crafted URL.\n\n - An error related to MAC exists when handling unassigned workflows.\n\n - Input passed via the 'ms-descriptionText > ctl00_PlaceHolderDialogBodySection\n _PlaceHolderDialogBodyMainSection_ValSummary' parameter related to metadata\n storage assignment of the BDC permission management within the 'Sharepoint\n Online Cloud 2013 Service' section is not properly sanitised before being used.\n\n - Certain unspecified input is not properly sanitised before being returned to\n the user.\n\n - Multiple unspecified errors.\");\n script_tag(name:\"affected\", value:\"Excel Services on Microsoft SharePoint Server 2007\n\n Excel Services on Microsoft SharePoint Server 2010\n\n Word Automation Services on Microsoft SharePoint Server 2010\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to conduct script insertion\n attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54741\");\n script_xref(name:\"URL\", value:\"http://www.vulnerability-lab.com/get_content.php?id=812\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nshareVer = infos['version'];\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\n## SharePoint Server 2010 (wosrv & coreserver)\nif(shareVer =~ \"^14\\..*\")\n{\n dllVer = fetch_file_version(sysPath:path, file_name:\"\\14.0\\Bin\\Xlsrv.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7104.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n\n dllVer2 = fetch_file_version(sysPath:path,\n file_name:\"\\14.0\\WebServices\\WordServer\\Core\\WdsrvWorker.dll\");\n if(dllVer2)\n {\n if(version_in_range(version:dllVer2, test_version:\"14.0\", test_version2:\"14.0.7104.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\n## SharePoint Server 2007 (wosrv & coreserver)\nif(shareVer =~ \"^12\\..*\")\n{\n dllVer = fetch_file_version(sysPath:path, file_name:\"\\12.0\\Bin\\Xlsrv.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6676.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:02:25", "description": "This host is missing an important security update according to Microsoft\n Bulletin MS13-067.", "cvss3": {}, "published": "2013-10-09T00:00:00", "type": "openvas", "title": "Microsoft Office Web Apps Remote Code Execution vulnerability (2834052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310903324", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903324", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Web Apps Remote Code Execution vulnerability (2834052)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:microsoft:office_web_apps\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903324\");\n script_version(\"2020-01-07T09:06:32+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-3179\", \"CVE-2013-3180\", \"CVE-2013-0081\",\n \"CVE-2013-1315\");\n script_bugtraq_id(62221, 62227, 62254, 62205, 62167);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 09:06:32 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-09 15:05:11 +0530 (Wed, 09 Oct 2013)\");\n script_name(\"Microsoft Office Web Apps Remote Code Execution vulnerability (2834052)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to Microsoft\n Bulletin MS13-067.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple Flaws are due to,\n\n - An error when handling an unassigned workflow can be exploited to cause the\n W3WP process to stop responding via a specially crafted URL.\n\n - An error related to MAC exists when handling unassigned workflows.\n\n - Input passed via the 'ms-descriptionText > ctl00_PlaceHolderDialogBodySection\n _PlaceHolderDialogBodyMainSection_ValSummary' parameter related to metadata\n storage assignment of the BDC permission management within the 'Sharepoint\n Online Cloud 2013 Service' section is not properly sanitised before being used.\n\n - Certain unspecified input is not properly sanitised before being returned to\n the user.\n\n - Multiple unspecified errors.\");\n script_tag(name:\"affected\", value:\"- Microsoft Office Excel Web App 2010 Service Pack 2 and prior\n\n - Microsoft Office Word Web App 2010 Service Pack 2 and prior\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to conduct script insertion\n attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.vulnerability-lab.com/get_content.php?id=812\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_office_web_apps_detect.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Office/Web/Apps/Ver\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nwebappVer = infos['version'];\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\n## Microsoft Office Web Apps 2010\nif(webappVer =~ \"^14\\..*\")\n{\n path = path + \"\\14.0\\WebServices\\wordserver\\core\";\n dllVer = fetch_file_version(sysPath:path, file_name:\"msoserver.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7106.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:58:19", "description": "The remote Mac OS X host is running a version of Microsoft Excel that is affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the way the application handles objects in memory when parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to the way the application parses XML files containing external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a specially crafted Excel file, it may be possible to leverage these issues to read arbitrary files on the target system or execute arbitrary code, subject to the user's privileges.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300) (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1315", "CVE-2013-3158", "CVE-2013-3159"], "modified": "2022-06-29T00:00:00", "cpe": ["cpe:/a:microsoft:office:2011::mac"], "id": "MACOSX_MS13-073.NASL", "href": "https://www.tenable.com/plugins/nessus/69839", "sourceData": "#TRUSTED b0f1ce2af5be68c246a41cbb9813fbbb0a4ea33087337876b609f1f0df569382be56159100142584349c3fa6603044803546a023e8bab1cb7c7ff5cc0578047f74bf6b560ceb8c01a5cd5a10c7d0c6991d9901b96f19eb4961d773d39aac5cf2f7e20311743e8edc1c9e53894ee0a8a8a440e75b869aec90903915823640a816033c08da443f657fed91f691cd025d5becced0cee06f4304e17e472acdccdb4c8cc6993fb44c3d6c49155d95f059e180508ec0b2e4aa2803de258b11ce9f51ba98ec99eeb5a3b8d5d3f9117da6a943c7ef468fad622db5f61dfec8a9aa25a0e0d8cbda7e096a4b0b449a7c6eb7c575ee10ec82af59d5c473b6c6e911eb5409b05ecfa08179b651a9e6236de88bf1d59e1f9bb98d1fff6482d053ee83da92f6af8d96252425878e0b03248ce125b9a697c5a122def4c78b03100618c13a8b64a72a626ee1b080672952bfefc709ba9bc43244d60279d0c3243b9914b24641055f36663caf2dacd08c47bdc71cd62b699e63d0552a94632aa725d2047ceb3657499ede131e311b957542af9fb170c620597467d562b62c2950049c90a90c5a94f3e6e01238e4d65b2e24339346f8fea08cf606f0f6778e40a471922693af8fb866fadb493cd2da5750685ce406917cb9b9e1b4bbe10d3e549c0980347fb4a0f954cc3c623a9256caffb615ba781463b6b378170b65b802242a15e1464711cce6e6\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69839);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/29\");\n\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_xref(name:\"MSFT\", value:\"MS13-073\");\n script_xref(name:\"MSKB\", value:\"2877813\");\n\n script_name(english:\"MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300) (Mac OS X)\");\n script_summary(english:\"Check version of Microsoft Office\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"An application installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Mac OS X host is running a version of Microsoft Excel that\nis affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the\n way the application handles objects in memory when\n parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to\n the way the application parses XML files containing\n external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a\nspecially crafted Excel file, it may be possible to leverage these\nissues to read arbitrary files on the target system or execute\narbitrary code, subject to the user's privileges.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_set_attribute(attribute:\"solution\", value:\"Microsoft has released a patch for Office for Mac 2011.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office:2011::mac\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\ninclude(\"macosx_func.inc\");\n\n\n\nif(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS ||\n get_one_kb_item('HostLevelChecks/proto') == 'local')\n enable_ssh_wrappers();\nelse disable_ssh_wrappers();\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n\n# Gather version info.\ninfo = '';\ninstalls = make_array();\n\nprod = 'Office for Mac 2011';\nplist = \"/Applications/Microsoft Office 2011/Office/MicrosoftComponentPlugin.framework/Versions/14/Resources/Info.plist\";\ncmd = 'cat \\'' + plist + '\\' | ' +\n 'grep -A 1 CFBundleShortVersionString | ' +\n 'tail -n 1 | ' +\n 'sed \\'s/.*string>\\\\(.*\\\\)<\\\\/string>.*/\\\\1/g\\'';\nversion = exec_cmd(cmd:cmd);\nif (version && version =~ \"^[0-9]+\\.\")\n{\n version = chomp(version);\n if (version !~ \"^14\\.\") exit(1, \"Failed to get the version for \"+prod+\" - '\"+version+\"'.\");\n\n installs[prod] = version;\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n fixed_version = '14.3.7';\n fix = split(fixed_version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(fix); i++)\n fix[i] = int(fix[i]);\n\n for (i=0; i<max_index(fix); i++)\n if ((ver[i] < fix[i]))\n {\n info +=\n '\\n Product : ' + prod +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n break;\n }\n else if (ver[i] > fix[i])\n break;\n}\n\n\n# Report findings.\nif (info)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:info);\n else security_hole(0);\n\n exit(0);\n}\nelse\n{\n if (max_index(keys(installs)) == 0) exit(0, \"Office for Mac 2011 is not installed.\");\n else\n {\n msg = 'The host has ';\n foreach prod (sort(keys(installs)))\n msg += prod + ' ' + installs[prod] + ' and ';\n msg = substr(msg, 0, strlen(msg)-1-strlen(' and '));\n\n msg += ' installed and thus is not affected.';\n\n exit(0, msg);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:59:21", "description": "The remote Windows host is running a version of Microsoft Excel that is affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the way the application handles objects in memory when parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to the way the application parses XML files containing external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a specially crafted Excel file, it may be possible to leverage these issues to read arbitrary files on the target system or execute arbitrary code, subject to the user's privileges.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300))", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1315", "CVE-2013-3158", "CVE-2013-3159"], "modified": "2019-12-13T00:00:00", "cpe": ["cpe:/a:microsoft:excel", "cpe:/a:microsoft:excel_viewer", "cpe:/a:microsoft:office", "cpe:/a:microsoft:office_compatibility_pack"], "id": "SMB_NT_MS13-073.NASL", "href": "https://www.tenable.com/plugins/nessus/69833", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69833);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_xref(name:\"MSFT\", value:\"MS13-073\");\n script_xref(name:\"MSKB\", value:\"2858300\");\n script_xref(name:\"MSKB\", value:\"2760583\");\n script_xref(name:\"MSKB\", value:\"2760588\");\n script_xref(name:\"MSKB\", value:\"2760590\");\n script_xref(name:\"MSKB\", value:\"2760597\");\n script_xref(name:\"MSKB\", value:\"2768017\");\n script_xref(name:\"MSKB\", value:\"2810048\");\n\n script_name(english:\"MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300))\");\n script_summary(english:\"Checks versions of Excel, Excelcnv.exe, and Xlview.exe.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It is possible to execute arbitrary code on the remote host through\nMicrosoft Excel.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is running a version of Microsoft Excel that\nis affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the\n way the application handles objects in memory when\n parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to\n the way the application parses XML files containing\n external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a\nspecially crafted Excel file, it may be possible to leverage these\nissues to read arbitrary files on the target system or execute\narbitrary code, subject to the user's privileges.\");\n # https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-073\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b5d71423\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Excel 2003, 2007, 2010,\n2013, Excel Viewer, and Office Compatibility Pack.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:excel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:excel_viewer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_compatibility_pack\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS13-073\";\nkbs = make_list(\n 2858300, 2760583, 2760588, 2760590, 2760597, 2768017, 2810048\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\ninfo = \"\";\nvuln = FALSE;\n\n######################################################################\n# Excel\n######################################################################\ninstalls = get_kb_list(\"SMB/Office/Excel/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/Excel/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:\".\", keep:FALSE);\n for (i = 0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Excel 2013.\n if (\n (ver[0] == 15 && ver[1] == 0 && ver[2] < 4535) ||\n (ver[0] == 15 && ver[1] == 0 && ver[2] == 4535 && ver[3] < 1003)\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2013' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 15.0.4535.1003' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2768017\");\n }\n\n # Excel 2010.\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (\n (!isnull(office_sp) && ( (office_sp == 1) || (office_sp == 2) ) ) &&\n (\n (ver[0] == 14 && ver[1] == 0 && ver[2] < 7104) ||\n (ver[0] == 14 && ver[1] == 0 && ver[2] == 7104 && ver[3] < 5000)\n )\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2010' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.0.7104.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760597\");\n }\n\n # Excel 2007.\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (\n (!isnull(office_sp) && (office_sp == 3)) &&\n (\n (ver[0] == 12 && ver[1] == 0 && ver[2] < 6679) ||\n (ver[0] == 12 && ver[1] == 0 && ver[2] == 6679 && ver[3] < 5000)\n )\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2007' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6679.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760583\");\n }\n\n # Excel 2003.\n office_sp = get_kb_item(\"SMB/Office/2003/SP\");\n if ((!isnull(office_sp) && office_sp == 3) && (ver[0] == 11 && ver[1] == 0 && ver[2] < 8404))\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2003' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8404.0' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2810048\");\n }\n }\n}\n\n######################################################################\n# Excel Viewer\n######################################################################\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/ExcelViewer/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/ExcelViewer/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:\".\", keep:FALSE);\n for (i = 0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Excel Viewer 2007 SP3.\n if (\n (ver[0] == 12 && ver[1] == 0 && ver[2] >= 6611) &&\n (\n (ver[0] == 12 && ver[1] == 0 && ver[2] < 6679) ||\n (ver[0] == 12 && ver[1] == 0 && ver[2] == 6679 && ver[3] < 5000)\n )\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel Viewer' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6679.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760590\");\n break;\n }\n }\n}\nx86_path = hotfix_get_commonfilesdir();\nx64_path = hotfix_get_programfilesdirx86();\nif (!version)\n{\n kb = \"2760590\";\n if (\n (x86_path && hotfix_is_vulnerable(file:\"Xlview.exe\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x86_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb)) ||\n (x64_path && hotfix_is_vulnerable(file:\"Xlview.exe\", arch:\"x64\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x64_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb))\n ) vuln = TRUE;\n}\n\n\n######################################################################\n# Microsoft Office Compatibility Pack\n######################################################################\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/ExcelCnv/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/ExcelCnv/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:\".\", keep:FALSE);\n for (i = 0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n if (\n (ver[0] == 12 && ver[1] == 0 && ver[2] < 6679) ||\n (ver[0] == 12 && ver[1] == 0 && ver[2] == 6679 && ver[3] < 5000)\n )\n {\n info =\n '\\n Product : 2007 Office system and the Office Compatibility Pack' +\n '\\n File : '+ path +\n '\\n Installed version : '+ version +\n '\\n Fixed version : 12.0.6679.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760588\");\n }\n }\n}\nif (!version)\n{\n kb = \"2760588\";\n if (\n (x86_path && hotfix_is_vulnerable(file:\"Excelcnv.exe\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x86_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb)) ||\n (x64_path && hotfix_is_vulnerable(file:\"Excelcnv.exe\", arch:\"x64\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x64_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb))\n ) vuln = TRUE;\n}\n\nif (info || vuln)\n{\n set_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:59:22", "description": "The versions of Office SharePoint Server, SharePoint Server, Windows SharePoint Services, SharePoint Foundation, or Office Web Apps installed on the remote host are affected by multiple vulnerabilities :\n\n - A denial of service vulnerability exits that could cause the W3WP process to stop responding. (CVE-2013-0081)\n\n - A remote code execution vulnerability exists in the way Microsoft Office Services and Web Apps parse content in specially crafted files. (CVE-2013-1315)\n\n - A remote code execution vulnerability exists in the way SharePoint Server handles unassigned workflows.\n (CVE-2013-1330)\n\n - An unspecified cross-site scripting vulnerability exists. (CVE-2013-3179)\n\n - An unspecified POST cross-site scripting vulnerability exists. (CVE-2013-3180)\n\n - Multiple memory corruption vulnerabilities exist in the way that Microsoft Office software parses specially crafted files. (CVE-2013-2847, CVE-2013-3848, CVE-2013-3849, CVE-2013-3857, CVE-2013-3858)", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0081", "CVE-2013-1315", "CVE-2013-1330", "CVE-2013-2847", "CVE-2013-3179", "CVE-2013-3180", "CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3857", "CVE-2013-3858"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server", "cpe:/a:microsoft:office_web_apps"], "id": "SMB_NT_MS13-067.NASL", "href": "https://www.tenable.com/plugins/nessus/69827", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69827);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2013-0081\",\n \"CVE-2013-1315\",\n \"CVE-2013-1330\",\n \"CVE-2013-3179\",\n \"CVE-2013-3180\",\n \"CVE-2013-3847\",\n \"CVE-2013-3848\",\n \"CVE-2013-3849\",\n \"CVE-2013-3857\",\n \"CVE-2013-3858\"\n );\n script_bugtraq_id(\n 62165,\n 62167,\n 62168,\n 62169,\n 62205,\n 62221,\n 62224,\n 62226,\n 62227,\n 62254\n );\n script_xref(name:\"EDB-ID\", value:\"28238\");\n script_xref(name:\"MSFT\", value:\"MS13-067\");\n script_xref(name:\"MSKB\", value:\"2794707\");\n script_xref(name:\"MSKB\", value:\"2810083\");\n script_xref(name:\"MSKB\", value:\"2817305\");\n script_xref(name:\"MSKB\", value:\"2817315\");\n script_xref(name:\"MSKB\", value:\"2817393\");\n script_xref(name:\"MSKB\", value:\"2817372\");\n script_xref(name:\"MSKB\", value:\"2810067\");\n script_xref(name:\"MSKB\", value:\"2760420\");\n script_xref(name:\"MSKB\", value:\"2810061\");\n script_xref(name:\"MSKB\", value:\"2760595\");\n script_xref(name:\"MSKB\", value:\"2760589\");\n script_xref(name:\"MSKB\", value:\"2553408\");\n script_xref(name:\"MSKB\", value:\"2760755\");\n script_xref(name:\"MSKB\", value:\"2760594\");\n script_xref(name:\"MSKB\", value:\"2817384\");\n script_xref(name:\"IAVA\", value:\"2013-A-0174\");\n\n script_name(english:\"MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)\");\n script_summary(english:\"Checks SharePoint / Office Web Apps version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The versions of Office SharePoint Server, SharePoint Server, Windows\nSharePoint Services, SharePoint Foundation, or Office Web Apps\ninstalled on the remote host are affected by multiple vulnerabilities :\n\n - A denial of service vulnerability exits that could cause\n the W3WP process to stop responding. (CVE-2013-0081)\n\n - A remote code execution vulnerability exists in the way\n Microsoft Office Services and Web Apps parse content in\n specially crafted files. (CVE-2013-1315)\n\n - A remote code execution vulnerability exists in the way\n SharePoint Server handles unassigned workflows.\n (CVE-2013-1330)\n\n - An unspecified cross-site scripting vulnerability\n exists. (CVE-2013-3179)\n\n - An unspecified POST cross-site scripting vulnerability\n exists. (CVE-2013-3180)\n\n - Multiple memory corruption vulnerabilities exist in the\n way that Microsoft Office software parses specially\n crafted files. (CVE-2013-2847, CVE-2013-3848,\n CVE-2013-3849, CVE-2013-3857, CVE-2013-3858)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/528546/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-067\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for SharePoint Server 2007,\nSharePoint Server 2010, SharePoint Foundation 2010, SharePoint Server\n2013, SharePoint Foundation 2013, and Office Web Apps 2010.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_web_apps\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"office_installed.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_sharepoint_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin, vuln;\n\nfunction get_ver()\n{\n local_var fh, path, rc, share, ver;\n\n path = _FCT_ANON_ARGS[0];\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\n\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n ver = NULL;\n path = ereg_replace(string:path, pattern:\"^[A-Za-z]:(.*)\", replace:'\\\\1\\\\');\n\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (!isnull(fh))\n {\n ver = GetFileVersion(handle:fh);\n ver = join(ver, sep:\".\");\n CloseFile(handle:fh);\n }\n\n NetUseDel(close:FALSE);\n\n return ver;\n}\n\nfunction check_vuln(fix, kb, name, path, ver)\n{\n local_var info;\n\n if (isnull(ver))\n ver = get_ver(path);\n\n if (isnull(ver) || ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)\n return 0;\n\n info =\n '\\n Product : ' + name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n\n vuln = TRUE;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS13-067\";\nkbs = make_list(\n 2810083, 2817305, 2817315, 2817393,\n 2817372, 2810067, 2760420, 2810061,\n 2760595, 2760589, 2553408,\n 2760755, 2760594, 2817384\n);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\n\n# Connect to the registry.\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\n# Get the path information for SharePoint Server 2007\nsps_2007_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\12.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Server 2010.\nsps_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\InstallPath\"\n);\n\n# Get the path information for SharePoint Server 2013\nsps_2013_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\15.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Services 2.0\nsps_20_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\6.0\\Location\"\n);\n\n# Get the path information for SharePoint Service 3.0\nsps_30_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\12.0\\Location\"\n);\n\n# Check if KB2553408 is installed\nkb2553408 = FALSE;\nres = get_reg_name_value_table(handle:hklm, key:\"SOFTWARE\\Classes\\Installer\\Products\\00004109880100000100000000F01FEC\\Patches\");\nforeach item (res)\n{\n if ('9010880000100014.0.7015.1000;:#9010880000100014.0.7015.1000' >< item ||\n '9010880000100014.0.6029.1000;:#9010880000100014.0.6029.1000' >< item)\n kb2553408 = TRUE;\n}\n\n# Get path information for SharePoint Foundation 2010.\nspf_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\14.0\\Location\"\n);\n\n# Close connection to registry.\nRegCloseKey(handle:hklm);\nclose_registry(close:FALSE);\n\n# Get path information for Windows.\nwindir = hotfix_get_systemroot();\nif (isnull(windir)) audit(AUDIT_PATH_NOT_DETERMINED, 'system root');\n\n# Get path information for Common Files.\ncommonprogramfiles = hotfix_get_commonfilesdir();\nif (!commonprogramfiles) audit(AUDIT_PATH_NOT_DETERMINED, 'Common Files');\n\n# Get path information for Office Web Apps.\nowa_2010_path = sps_2010_path;\n\n######################################################################\n# SharePoint Services 2.0\n#\n# [KB2810061] onetutil.dll - 11.0.8402.0\n######################################################################\nif (sps_20_path)\n{\n name = \"Office SharePoint Services 2.0\";\n\n check_vuln(\n name : \"SharePoint Services 2.0\",\n kb : \"2810061\",\n path : sps_20_path + \"\\ISAPI\\OWSSVR.DLL\",\n fix : \"11.0.8402.0\"\n );\n}\n\n######################################################################\n# SharePoint Server 2007 SP3\n#\n# [KB2760589] xlsrv.dll - 12.0.6676.5000\n# [KB2760420] owssvr.dll - 12.0.6676.5000\n######################################################################\nif (sps_2007_path)\n{\n name = \"Office SharePoint Server 2007\";\n\n check_vuln(\n name : name,\n kb : \"2760589\",\n path : sps_2007_path + \"Bin\\xlsrv.dll\",\n fix : \"12.0.6676.5000\"\n );\n\n if (sps_30_path)\n {\n check_vuln(\n name : name,\n kb : \"2760420\",\n path : sps_30_path + \"\\ISAPI\\OWSSVR.DLL\",\n fix : \"12.0.6676.5000\"\n );\n }\n}\n\n######################################################################\n# SharePoint Foundation 2010 SP1 / SP2\n#\n# [KB2810067] Onetutil.dll: 14.0.7105.5000\n######################################################################\nif (spf_2010_path)\n{\n path = spf_2010_path + \"Bin\\Onetutil.dll\";\n ver = get_ver(path);\n\n if (ver && ver =~ \"^14\\.\")\n {\n check_vuln(\n name : \"SharePoint Foundation 2010\",\n kb : \"2810067\",\n path : path,\n ver : ver,\n fix : \"14.0.7105.5000\"\n );\n }\n}\n\n######################################################################\n# SharePoint Server 2010 SP1 / SP2\n#\n# [KB2817393] - MSSCPI.dll: 14.0.7105.5000\n# [KB2817372] - SVRSETUP.dll: 14.0.7106.5000\n# [KB2760595] - xlsrv.dll: 14.0.7104.5000\n# [KB2760755] - wdsrvworker.dll: 14.0.6112.5000\n######################################################################\nif (sps_2010_path)\n{\n name = \"Office SharePoint Server 2010\";\n\n check_vuln(\n name : name,\n kb : \"2817393\",\n path : sps_2010_path + \"Bin\\MSSCPI.dll\",\n fix : \"14.0.7105.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2817372\",\n path : commonprogramfiles + \"\\Microsoft Shared\\SERVER14\\Server Setup Controller\\SVRSETUP.DLL\",\n fix : \"14.0.7106.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2760595\",\n path : sps_2010_path + \"Bin\\xlsrv.dll\",\n fix : \"14.0.7104.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2760755\",\n path : sps_2010_path + \"WebServices\\WordServer\\Core\\wdsrvworker.dll\",\n fix : \"14.0.6112.5000\"\n );\n\n sps2010edition = get_kb_item(\"SMB/Microsoft SharePoint/14.0/Edition\");\n if (!kb2553408 && (!empty_or_null(sps2010edition) && 'Foundation' >!< sps2010edition))\n {\n hotfix_add_report(' According to the registry, KB2553408 is missing.\\n', bulletin:bulletin, kb:'2553408');\n vuln++;\n }\n}\n\n######################################################################\n# SharePoint Foundation 2013\n#\n# [KB2817315] Onetutil.dll: 15.0.4535.1000\n######################################################################\nif (spf_2013_path)\n{\n path = spf_2013_path + \"Bin\\Onetutil.dll\";\n ver = get_ver(path);\n\n if (ver && ver =~ \"^15\\.\")\n {\n check_vuln(\n name : \"SharePoint Foundation 2013\",\n kb : \"2817315\",\n path : path,\n ver : ver,\n fix : \"15.0.4535.1000\"\n );\n }\n}\n\n######################################################################\n# SharePoint Server 2013\n#\n# [KB2810083] - MSSCPI.dll: 14.0.7105.5000\n# [KB2817305] - sword.dlla: 15.0.4535.1000\n######################################################################\nif (sps_2013_path)\n{\n name = \"Office SharePoint Server 2013\";\n\n check_vuln(\n name : name,\n kb : \"2810083\",\n path : sps_2013_path + \"Bin\\MSSCPI.dll\",\n fix : \"15.0.4535.1000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2817305\",\n path : sps_2013_path + \"\\WebServices\\ConversionServices\\sword.dll\",\n fix : \"15.0.4525.1000\"\n );\n}\n\n######################################################################\n# Office Web Apps 2010 SP1 / SP2\n#\n# [KB2760594] xlsrv.dll: 14.0.7104.5000\n# [KB2817384] sword.dll: 14.0.7106.5001\n######################################################################\nif (owa_2010_path)\n{\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2760594\",\n path : owa_2010_path + \"Bin\\xlsrv.dll\",\n fix : \"14.0.7104.5000\"\n );\n\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2817384\",\n path : owa_2010_path + \"WebServices\\ConversionService\\Bin\\Converter\\sword.dll\",\n fix : \"14.0.7106.5001\"\n );\n}\n\n\nif (vuln)\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n set_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ptsecurity": [{"lastseen": "2021-10-22T10:43:38", "description": "# PT-2013-72: XML External Entities Resolution vulnerability in Microsoft Office Excel\n\n## Vulnerable software\n\nMicrosoft Office Excel \nVersion: 2010 SP2 and earlier; 2007 SP3 and earlier; 2003 SP3 and earlier\n\nMicrosoft Excel Viewer \nVersion: 2007 SP3 and earlier\n\nLink: \n<http://microsoft.com/>[](<http://qutim.org/>)\n\n## Severity level\n\nSeverity level: Medium \nImpact: Internal Network Resources and File System Access, Denial of Service \nAccess Vector: Remote \n\n\nCVSS v2: \nBase Score: 5.8 \nVector: (AV:N/AC:M/Au:N/C:P/I:N/A:P)\n\nCVE: CVE-2013-3159\n\n## Software description\n\nMicrosoft Office Excel is a commercial spreadsheet application written and distributed by Microsoft for Microsoft Windows and Mac OS X. \n\n## Vulnerability description\n\nThe specialists of the Positive Research center have detected an XML External Entities Resolution vulnerability in Microsoft Office Excel.\n\nThe vulnerability is possible due to unsafe parsing of XML external entities. If an attacker makes a victim open a specially crafted XML document, Microsoft Office Excel installed on the vistim's system will automatically send the contents of local or remote resource to the attacker's server. It also makes possible to conduct denial of service attacks.\n\n## How to fix\n\nUse vendor's advisory: \n<http://technet.microsoft.com/en-us/security/bulletin/ms13-073>\n\n## Advisory status\n\n26.11.2012 - Vendor gets vulnerability details \n10.09.2013 - Vendor releases fixed version and details \n09.10.2013 - Public disclosure\n\n## Credits\n\nThe vulnerability was detected by Timur Yunusov, Alexey Osipov and Ilya Karpov, Positive Research Center (Positive Technologies Company)\n\n## References\n\n<http://en.securitylab.ru/lab/PT-2013-72> \n\n\nReports on the vulnerabilities previously discovered by Positive Research:\n\n<http://www.ptsecurity.com/research/advisory/> \n<http://en.securitylab.ru/lab/>\n", "cvss3": {}, "published": "2012-11-26T00:00:00", "type": "ptsecurity", "title": "PT-2013-72: XML External Entities Resolution vulnerability in Microsoft Office Excel", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3159"], "modified": "2013-10-09T00:00:00", "id": "PT-2013-72", "href": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2013-72/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "symantec": [{"lastseen": "2021-06-08T19:04:00", "bulletinFamily": "software", "cvelist": ["CVE-2013-3159"], "description": "### Description\n\nMicrosoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft Excel 2003 SP3 \n * Microsoft Excel 2007 SP3 \n * Microsoft Excel 2010 SP1 (32-bit editions) \n * Microsoft Excel 2010 SP1 (64-bit editions) \n * Microsoft Excel 2010 SP2 (32-bit editions) \n * Microsoft Excel 2010 SP2 (64-bit editions) \n * Microsoft Excel Viewer \n * Microsoft Office Compatibility Pack SP3 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nWhen possible, run all software as a user with minimal privileges and limited access to system resources. Use additional precautions such as restrictive environments to insulate software that may potentially handle malicious content.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 2, "modified": "2013-09-10T00:00:00", "id": "SMNTC-62225", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62225", "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Excel CVE-2013-3159 XML Files Handling Information Disclosure Vulnerability", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T19:03:57", "description": "### Description\n\nMicrosoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Excel 2003 SP3 \n * Microsoft Excel 2007 SP3 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 2, "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Excel CVE-2013-3158 Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3158"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62219", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62219", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:59", "description": "### Description\n\nMicrosoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Excel 2003 SP3 \n * Microsoft Excel 2007 SP3 \n * Microsoft Excel 2010 SP1 (32-bit editions) \n * Microsoft Excel 2010 SP1 (64-bit editions) \n * Microsoft Excel 2010 SP2 (32-bit editions) \n * Microsoft Excel 2010 SP2 (64-bit editions) \n * Microsoft Excel 2013 (32-bit editions) \n * Microsoft Excel 2013 (64-bit editions) \n * Microsoft Excel 2013 RT \n * Microsoft Excel Viewer \n * Microsoft Excel Web App 2010 Service Pack 1 \n * Microsoft Excel Web App 2010 Service Pack 2 \n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office for Mac 2011 \n * Microsoft SharePoint Server 2007 for 32-bit SP3 \n * Microsoft SharePoint Server 2007 for 64-bit SP3 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft Word Web App 2010 Service Pack 1 \n * Microsoft Word Web App 2010 Service Pack 2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "edition": 2, "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Excel CVE-2013-1315 Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-1315"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62167", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62167", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2022-03-23T12:51:01", "description": "Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka \"XML External Entities Resolution Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3159", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3159"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:excel:2010", "cpe:/a:microsoft:excel:2007", "cpe:/a:microsoft:excel:2003"], "id": "CVE-2013-3159", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3159", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp1:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:excel:2010:sp1:*:*:*:x86:*:*"]}, {"lastseen": "2022-03-23T12:50:58", "description": "Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3158", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3158"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:excel:2007", "cpe:/a:microsoft:excel:2003"], "id": "CVE-2013-3158", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3158", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:12:18", "description": "Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-1315", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1315"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:excel:2013", "cpe:/a:microsoft:excel:2007", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:sharepoint_server:2007", "cpe:/a:microsoft:sharepoint_services:3.0", "cpe:/a:microsoft:excel:2010", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_services:2.0", "cpe:/a:microsoft:office:2011", "cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:sharepoint_portal_server:2003", "cpe:/a:microsoft:excel_2013_rt:-", "cpe:/a:microsoft:excel_viewer:*", "cpe:/a:microsoft:excel:2003"], "id": "CVE-2013-1315", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1315", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:excel_2013_rt:-:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:excel:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*"]}], "checkpoint_advisories": [{"lastseen": "2022-11-28T07:01:20", "description": "A remote code execution vulnerability has been reported in Microsoft Excel.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Excel Read Access Violation Remote Code Execution (MS13-073; CVE-2013-3158)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-3158"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2914", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:01:00", "description": "A remote code execution vulnerability exists in the way that Microsoft Excel parses content in Excel files.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Excel Memory Corruption (MS13-067; CVE-2013-1315)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-1315"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2915", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "seebug": [{"lastseen": "2017-11-19T17:40:37", "description": "BUGTRAQ ID: 62167\r\nCVE(CAN) ID: CVE-2013-1315\r\n\r\nExcel\u662f\u5fae\u8f6f\u516c\u53f8\u7684\u529e\u516c\u8f6f\u4ef6\u7684\u8bd5\u7b97\u8868\u8f6f\u4ef6\u7ec4\u4ef6\u3002\r\n\r\nMicrosoft Excel \u5206\u6790 Excel \u6587\u4ef6\u4e2d\u7684\u5185\u5bb9\u7684\u65b9\u5f0f\u4e2d\u5b58\u5728\u4e00\u4e2a\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\u3002\u6210\u529f\u5229\u7528\u6b64\u6f0f\u6d1e\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u3002\r\n0\r\nMicrosoft Office 2013\r\nMicrosoft Office 2010\r\nMicrosoft Office 2007\r\nMicrosoft Office 2003\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5982\u679c\u60a8\u4e0d\u80fd\u7acb\u523b\u5b89\u88c5\u8865\u4e01\u6216\u8005\u5347\u7ea7\uff0cSebug\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n*\u4f7f\u7528 Microsoft Office \u6587\u4ef6\u963b\u6b62\u7b56\u7565\u7981\u6b62\u6253\u5f00 Excel \u4e8c\u8fdb\u5236\u6587\u4ef6\r\n*\u4e0d\u8981\u6253\u5f00\u4ece\u4e0d\u53d7\u4fe1\u4efb\u6765\u6e90\u6216\u4ece\u53d7\u4fe1\u4efb\u6765\u6e90\u610f\u5916\u6536\u5230\u7684 Office \u6587\u4ef6\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS13-073\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS13-073\uff1aVulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS13-073", "cvss3": {}, "published": "2013-09-13T00:00:00", "title": "Microsoft Excel\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2013-1315)(MS13-073)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-1315"], "modified": "2013-09-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61002", "id": "SSV:61002", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2021-06-08T19:07:48", "description": "Memory corruption on Outlook S/MIME parsing. Information leakage, multiple memory corruptions.", "edition": 2, "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "securityvulns", "title": "Microsoft Office multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3870", "CVE-2013-3157", "CVE-2013-3854", "CVE-2013-3159", "CVE-2013-3859", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3158", "CVE-2013-3156", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160", "CVE-2013-1315", "CVE-2013-3155"], "modified": "2013-09-11T00:00:00", "id": "SECURITYVULNS:VULN:13276", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13276", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:12:15", "description": "DoS, crossite scripting, memory corruptions, code execution.", "edition": 2, "cvss3": {}, "published": "2013-10-03T00:00:00", "type": "securityvulns", "title": "Microsoft Sharepoint Server multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3179", "CVE-2013-3858", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2013-10-03T00:00:00", "id": "SECURITYVULNS:VULN:13278", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13278", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}