DATABASE RESOURCES PRICING ABOUT US

{"id": "SECURITYVULNS:VULN:13278", "vendorId": null, "type": "securityvulns", "bulletinFamily": "software", "title": "Microsoft Sharepoint Server multiple security vulnerabilities", "description": "DoS, crossite scripting, memory corruptions, code execution.", "published": "2013-10-03T00:00:00", "modified": "2013-10-03T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13278", "reporter": "MICROSOFT", "references": ["https://vulners.com/securityvulns/securityvulns:doc:29899"], "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3179", "CVE-2013-3858", "CVE-2013-1315", "CVE-2013-3180"], "immutableFields": [], "lastseen": "2021-06-08T19:12:15", "viewCount": 78, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2013-2907", "CPAI-2013-2910", "CPAI-2013-2915", "CPAI-2013-2919", "CPAI-2013-2929"]}, {"type": "cve", "idList": ["CVE-2013-0081", "CVE-2013-1315", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-3180", "CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3857", "CVE-2013-3858"]}, {"type": "mskb", "idList": ["KB2834052", "KB2858300", "KB2915705"]}, {"type": "nessus", "idList": ["MACOSX_MS13-073.NASL", "SMB_NT_MS13-067.NASL", "SMB_NT_MS13-072.NASL", "SMB_NT_MS13-073.NASL", "SMB_NT_MS13-105.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902996", "OPENVAS:1361412562310902997", "OPENVAS:1361412562310902998", "OPENVAS:1361412562310902999", "OPENVAS:1361412562310903322", "OPENVAS:1361412562310903323", "OPENVAS:1361412562310903324", "OPENVAS:1361412562310903325", "OPENVAS:1361412562310903401", "OPENVAS:1361412562310903402", "OPENVAS:1361412562310903403", "OPENVAS:1361412562310903404", "OPENVAS:1361412562310903418", "OPENVAS:902996", "OPENVAS:902997", "OPENVAS:902998", "OPENVAS:902999", "OPENVAS:903401", "OPENVAS:903402", "OPENVAS:903403", "OPENVAS:903404", "OPENVAS:903418"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13276", "SECURITYVULNS:VULN:13455"]}, {"type": "seebug", "idList": ["SSV:60999", "SSV:61001", "SSV:61002"]}, {"type": "symantec", "idList": ["SMNTC-62165", "SMNTC-62167", "SMNTC-62168", "SMNTC-62169", "SMNTC-62205", "SMNTC-62221", "SMNTC-62224", "SMNTC-62226", "SMNTC-62227", "SMNTC-62254"]}, {"type": "threatpost", "idList": ["THREATPOST:0C5877DE6DD50B0CB309505FAE7076AC"]}]}, "score": {"value": 2.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2013-2910", "CPAI-2013-2915", "CPAI-2013-2919", "CPAI-2013-2929"]}, {"type": "cve", "idList": ["CVE-2013-0081", "CVE-2013-1315", "CVE-2013-1330"]}, {"type": "mskb", "idList": ["KB2858300"]}, {"type": "nessus", "idList": ["SMB_NT_MS13-105.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902996", "OPENVAS:1361412562310903401"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29899"]}, {"type": "seebug", "idList": ["SSV:61001", "SSV:61002"]}, {"type": "symantec", "idList": ["SMNTC-62165"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "sharepoint server", "version": 2007}, {"name": "sharepoint portal server", "version": 2013}, {"name": "sharepoint server", "version": 2010}, {"name": "sharepoint server", "version": 2013}, {"name": "sharepoint portal server", "version": 2003}, {"name": "sharepoint portal server", "version": 2010}, {"name": "sharepoint portal server", "version": 2007}]}, "epss": [{"cve": "CVE-2013-3847", "epss": "0.119600000", "percentile": "0.944130000", "modified": "2023-03-19"}, {"cve": "CVE-2013-3849", "epss": "0.307770000", "percentile": "0.962500000", "modified": "2023-03-19"}, {"cve": "CVE-2013-0081", "epss": "0.956290000", "percentile": "0.989820000", "modified": "2023-03-20"}, {"cve": "CVE-2013-1330", "epss": "0.353520000", "percentile": "0.964280000", "modified": "2023-03-19"}, {"cve": "CVE-2013-3857", "epss": "0.307770000", "percentile": "0.962500000", "modified": "2023-03-19"}, {"cve": "CVE-2013-3848", "epss": "0.119600000", "percentile": "0.944130000", "modified": "2023-03-19"}, {"cve": "CVE-2013-3179", "epss": "0.020340000", "percentile": "0.871560000", "modified": "2023-03-20"}, {"cve": "CVE-2013-3858", "epss": "0.307770000", "percentile": "0.962500000", "modified": "2023-03-19"}, {"cve": "CVE-2013-1315", "epss": "0.948600000", "percentile": "0.987850000", "modified": "2023-03-19"}, {"cve": "CVE-2013-3180", "epss": "0.676480000", "percentile": "0.973600000", "modified": "2023-03-20"}], "vulnersScore": 2.0}, "_state": {"dependencies": 1678962117, "score": 1678962848, "affected_software_major_version": 0, "epss": 1679322135}, "_internal": {"score_hash": "52df37eadea14cdeae139793e5623e59"}, "sourceData": "", "affectedSoftware": [{"name": "sharepoint server", "operator": "eq", "version": "2007"}, {"name": "sharepoint portal server", "operator": "eq", "version": "2013"}, {"name": "sharepoint server", "operator": "eq", "version": "2010"}, {"name": "sharepoint server", "operator": "eq", "version": "2013"}, {"name": "sharepoint portal server", "operator": "eq", "version": "2003"}, {"name": "sharepoint portal server", "operator": "eq", "version": "2010"}, {"name": "sharepoint portal server", "operator": "eq", "version": "2007"}], "appercut": {}, "exploitpack": {}, "hackapp": {}, "toolHref": "", "w3af": {}}

{"mskb": [{"lastseen": "2021-01-01T22:49:53", "description": "<html><body><p>Resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account.</p><h2></h2><div class=\"kb-summary-section section\"><br/><a bookmark-id=\"appliestoproducts\" href=\"#appliestoproducts\" managed-link=\"\" target=\"\">View products that this article applies to.</a></div><h2>Introduction</h2><div class=\"kb-summary-section section\">This security update resolves vulnerabilities in Microsoft Office Server software that could allow remote code execution in the context of the W3WP service account. <br/><span></span></div><h2>Summary</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS13-067. To view the complete security bulletin, go to one of the following Microsoft websites:<br/><ul class=\"sbody-free_list\"><li>Home users:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate</a></div></li><li>IT professionals:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms13-067\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS13-067</a></div></li></ul></div><h2></h2><div class=\"kb-summary-section section\"><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a></div><h2></h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">More information about this security update</h3><h4 class=\"sbody-h4\">Known issues and additional information about this security update</h4>The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link. <br/><br/><h5 class=\"sbody-h5 text-subtitle\">SharePoint Server</h5><br/><span class=\"text-base\">Note</span> After you install any of the following SharePoint Server security updates, you have to run the PSconfig tool to complete the installation.<br/><br/><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2810083\" id=\"kb-link-8\">2810083 </a> MS13-067: Description of the security update for SharePoint Server 2013 (coreserverloc): September 10, 2013<br/><br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817305\" id=\"kb-link-9\">2817305 </a> MS13-067: Description of the security update for SharePoint Server 2013 (wacserver): September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817315\" id=\"kb-link-10\">2817315 </a> MS13-067: Description of the security update for SharePoint Foundation 2013: September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817393\" id=\"kb-link-11\">2817393 </a> MS13-067: Description of the security update for SharePoint Server 2010 (coreserver): September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2817372\" id=\"kb-link-12\">2817372 </a> MS13-067: Description of the security update for SharePoint Server 2010 (wosrv): September 10, 2013 <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2810067\" id=\"kb-link-13\">2810067 </a> MS13-067: Description of the security update for SharePoint Foundation 2010: September 10, 2013 <br/></li></ul><h5 class=\"sbody-h5 text-subtitle\">SharePoint Services</h5><br/><span class=\"text-base\">Note</span> After you install any of the following SharePoint Services security updates, you have to run the PSconfig tool to complete the installation.<br/><br/><br/><br/><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760420\" id=\"kb-link-14\">2760420 </a> MS13-067: Description of the security update for Windows SharePoint Services 3.0: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2810061\" id=\"kb-link-15\">2810061 </a> MS13-067: Description of the security update for Windows SharePoint Services 2.0: September 10, 2013</li></ul><h5 class=\"sbody-h5 text-subtitle\">Office Web Services</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760595\" id=\"kb-link-16\">2760595 </a> MS13-067: Description of the security update for Excel Services in SharePoint Server 2010: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760589\" id=\"kb-link-17\">2760589 </a> MS13-067: Description of the security update for Excel Services in SharePoint Server 2007: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2553408\" id=\"kb-link-18\">2553408 </a> MS13-067: Description of the security update for InfoPath Forms Services in SharePoint 2010: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760755\" id=\"kb-link-19\">2760755 </a> MS13-067: Description of the security update for Word Automation Services in SharePoint Server 2010: September 10, 2013</li></ul><h5 class=\"sbody-h5 text-subtitle\">Office Online</h5><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760594\" id=\"kb-link-20\">2760594 </a> MS13-067: Description of the security update for Excel Online: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/NNNNN2\" id=\"kb-link-21\"></a><a href=\"https://support.microsoft.com/en-us/help/2817384\" id=\"kb-link-22\">2817384 </a> MS13-067: Description of the security update for Word Online: September 10, 2013</li></ul></div><h2></h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">acsrv2010-kb2553298-fullfile-x64-glb.exe</td><td class=\"sbody-td\">122AE7B80155F45F217F366BD2F9D4A99527F14A</td><td class=\"sbody-td\">D62785F2FEDF55057F8512E53FD8EE71B2C3D4CA1E2888C16D95326D19DDEF2B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">lpsrv2010-kb2553408-fullfile-x64-glb.exe</td><td class=\"sbody-td\">E586AC1E65F16880847D6E6CCEFF45C3CC082AEB</td><td class=\"sbody-td\">54905C43EC42C9149C0FDB0683D3B4A21BE97EF18DD9B38A83B6171EF9E4463F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">pjsrv2010-kb2553430-fullfile-x64-glb.exe</td><td class=\"sbody-td\">8D97F6BABEAD29D1DD7D06AD631BEA5584167FE1</td><td class=\"sbody-td\">3FF4F679565F7DF2B6DA0D1503D4324293DE70BEA967FCCCBD59877882CB572F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ppsma2010-kb2553341-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B59A1860FE9AC5499AA5D673AA13B120636BC78D</td><td class=\"sbody-td\">68475D3499CF2109A605185690E052F29810A84A2401C51878B78836735FD362</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2760420-fullfile-x64-glb.exe</td><td class=\"sbody-td\">D04120B3D923E73F4098007966A1C236E6A0217B</td><td class=\"sbody-td\">8CA13F2965FB44C35791857FB300E0C8D4F573BB6518693678A1F2B58849BEE0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2760420-fullfile-x86-glb.exe</td><td class=\"sbody-td\">6C92539E2E7BDEDFB760DDB69800FCF7E800C908</td><td class=\"sbody-td\">D9F3170B68A1A8A92AACC27C48560CEDE4606997E67BE5149B907F8DBB551DE3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">vsrv2010-kb2553219-fullfile-x64-glb.exe</td><td class=\"sbody-td\">06C594E6DABF92474192DC6D971FD1206C49A4EC</td><td class=\"sbody-td\">63A63D9F3746AF081D81B54E4D6B686CCB1CA5AC3F03CAFFD51DF71C681DC401</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wdsrv2010-kb2760755-fullfile-x64-glb.exe</td><td class=\"sbody-td\">F55883F6C0D5A5EDD2F04747880159D96A72743F</td><td class=\"sbody-td\">5B4F1B2D87C63D0B9DCB017FF5B09ED309A7C8402AD34694FACEB1F43150E126</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrv2010-kb2760595-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B4D49782733AC2158F1C07177DB44320A543AC34</td><td class=\"sbody-td\">CAA100BC32C152A21E0391D3779360E70F8062006C938A7E2D3F51F378C0ECF0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlwac2010-kb2760594-fullfile-x64-glb.exe</td><td class=\"sbody-td\">722CDD51E9AF23F29372D020938AEFC5DA350096</td><td class=\"sbody-td\">E7116450C7F9304939EFA1F74B9D0E2655243455964478DA485229CD7D55EBF3</td></tr></table></div></div><br/></span></div></div></div></div><h2></h2><div class=\"kb-moreinformation-section section\"><a class=\"bookmark\" id=\"appliestoproducts\"></a><br/><h3 class=\"sbody-h3\">Applies to</h3>This article applies to the following:<br/><ul class=\"sbody-free_list\"><li>Microsoft SharePoint Server 2013</li><li>Microsoft SharePoint Foundation 2013</li><li>Microsoft SharePoint Server 2010 Service Pack 2</li><li>Microsoft SharePoint Server 2010 Service Pack 1</li><li>Microsoft SharePoint Foundation 2010</li><li>Microsoft Windows SharePoint Services 3.0</li><li>Microsoft Windows SharePoint Services 2.0</li><li>Excel Services in Microsoft SharePoint Server 2010</li><li>Excel Services in Microsoft Office SharePoint Server 2007</li><li>InfoPath Forms Services in SharePoint 2010</li><li>Word Automation Services in SharePoint Server 2010</li><li>Microsoft Excel Online</li><li>Microsoft Word Online</li></ul></div></body></html>", "edition": 2, "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "mskb", "title": "MS13-067: Vulnerabilities in Microsoft SharePoint Server could allow remote code execution: September 10, 2013", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3179", "CVE-2013-3858", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2014-04-18T03:03:01", "id": "KB2834052", "href": "https://support.microsoft.com/en-us/help/2834052/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:40:11", "description": "<html><body><p>This security update addresses the vulnerabilities by correcting how Microsoft Excel and other affected Microsoft software validates data when parsing specially crafted Office files and by correcting how the XML parser used by Excel resolves external entities within a specially crafted file.</p><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS13-073. To view the complete security bulletin, visit one of the following Microsoft websites: <ul class=\"sbody-free_list\"><li>Home users:<div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms13-073\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS13-073</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3> Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a><br/><br/></div><h2></h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. These articles may contain known issue information. If this is the case, the known issue is listed below each article link. <ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2760583\" id=\"kb-link-8\">2760583 </a> MS13-073: Description of the security update for Microsoft Office Excel 2007: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760588\" id=\"kb-link-9\">2760588 </a> MS13-073: Description of the security update for Microsoft Excel 2007 (xlconv-x-none.msp): September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760590\" id=\"kb-link-10\">2760590 </a> MS13-073: Description of the security update for Microsoft Office Excel Viewer 2007: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2760597\" id=\"kb-link-11\">2760597 </a> MS13-073: Description of the security update for Microsoft Excel 2010: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2768017\" id=\"kb-link-12\">2768017 </a> MS13-073: Description of the security update for Microsoft Excel 2013: September 10, 2013</li><li><a href=\"https://support.microsoft.com/en-us/help/2810048\" id=\"kb-link-13\">2810048 </a> MS13-073: Description of the security update for Microsoft Excel 2003: September 10, 2013</li></ul><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">excel2007-kb2760583-fullfile-x86-glb.exe</td><td class=\"sbody-td\">8FD16A3D1C4DA075891721202BC5734B75229F21</td><td class=\"sbody-td\">A741EA7CE7FABB40D011C3141EBBB06C6B6473DB23B57D90A8A52A24A5820AE0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">excel2010-kb2760597-fullfile-x64-glb.exe</td><td class=\"sbody-td\">EA9BEBA1E7D06C13531A67671A5E73259FBDE93D</td><td class=\"sbody-td\">134497AEA1D38DB03032CD58BFF4B619D8CD16938709E1EE7F73EDFCE59A6CDF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">excel2010-kb2760597-fullfile-x86-glb.exe</td><td class=\"sbody-td\">0A329ED77A783DBAE7DB221DEA444E2508671A38</td><td class=\"sbody-td\">FE471E005A512AD64B9F4DD9CE653741A7874E6088D48E6BD78F3C582191832A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">graph2010-kb2687275-fullfile-x64-glb.exe</td><td class=\"sbody-td\">07D569E5CA650CB5E4BDF090E4BE6EAC91511018</td><td class=\"sbody-td\">98999DDB40B437D0A2E9C9DA6827F6A369F7D914E0FF1E6F0A8AD468797CFC13</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">graph2010-kb2687275-fullfile-x86-glb.exe</td><td class=\"sbody-td\">71598A0D6E189AD0D4E4785EC5ACC2A4F4823814</td><td class=\"sbody-td\">32458E0DDDBD6D9805C94E419B567050AE0943CFC8B333FBAAA7734033F38AE2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wdsrv2010-kb2760755-fullfile-x64-glb.exe</td><td class=\"sbody-td\">F55883F6C0D5A5EDD2F04747880159D96A72743F</td><td class=\"sbody-td\">5B4F1B2D87C63D0B9DCB017FF5B09ED309A7C8402AD34694FACEB1F43150E126</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlconv2007-kb2760588-fullfile-x86-glb.exe</td><td class=\"sbody-td\">60F61CB663E9562E32799E2188D11DB346313E31</td><td class=\"sbody-td\">6644B99D1A83B7D32D8D9C8A90FEE7742160A3B6F020FE3BF303FE454CD0ABEB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrv2010-kb2760595-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B4D49782733AC2158F1C07177DB44320A543AC34</td><td class=\"sbody-td\">CAA100BC32C152A21E0391D3779360E70F8062006C938A7E2D3F51F378C0ECF0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvapp2007-kb2760589-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B188BF54191B670760C514ED44A8066FC03A528A</td><td class=\"sbody-td\">295C2683D3D0BC90604694735F1C20C98B350217BEC7BCB8F0E35A8567F9D768</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvapp2007-kb2760589-fullfile-x86-glb.exe</td><td class=\"sbody-td\">6E90D96E807A8694CEBFA1459F2AB696FDD56DF6</td><td class=\"sbody-td\">6AA3CC62A521B10629C4998567A63A3BEC61F48243780AA79C40F96FAF7B8B44</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlview2007-kb2760590-fullfile-x86-glb.exe</td><td class=\"sbody-td\">55C7B6442366AFC6EACFDF6047EA9F1335933B0D</td><td class=\"sbody-td\">EF672F28301954566CC33E9425155729AF1EF9E350EB055E735DF464DB1A9F95</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlwac2010-kb2760594-fullfile-x64-glb.exe</td><td class=\"sbody-td\">722CDD51E9AF23F29372D020938AEFC5DA350096</td><td class=\"sbody-td\">E7116450C7F9304939EFA1F74B9D0E2655243455964478DA485229CD7D55EBF3</td></tr></table></div></div><br/></span></div></div></div></div></body></html>", "edition": 2, "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "mskb", "title": "MS13-073: Vulnerabilities in Microsoft Excel could allow remote code execution: September 10, 2013", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2013-09-10T17:10:48", "id": "KB2858300", "href": "https://support.microsoft.com/en-us/help/2858300/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T22:34:47", "description": "<html><body><p>Resolves vulnerabilities in the WebReady Document Viewing and Data Loss Prevention features of Microsoft Exchange Server. These vulnerabilities could allow remote code execution in the security context of the LocalService account if an attacker sends an email message that contains a specially crafted file to a user on an affected Exchange server.</p><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS13-105. To view the complete security bulletin, go to one of the following Microsoft websites: <ul class=\"sbody-free_list\"><li>Home users:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms13-105\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS13-105</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates:<br/><a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals:<br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your Windows-based computer from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country:<br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a><br/><br/></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed under each article link.<br/><ul class=\"sbody-free_list\"><li><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/2880833\" id=\"kb-link-8\">2880833 </a> Security issue that is described in Security Bulletin MS13-105 is resolved by an Exchange Server update </div></li><li><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/2905616\" id=\"kb-link-9\">2905616 </a> Description of Update Rollup 4 for Exchange Server 2010 Service Pack 3 </div></li><li><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/2903911\" id=\"kb-link-10\">2903911 </a> Description of Update Rollup 12 for Exchange Server 2007 Service Pack 3 </div></li><li><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/2903903\" id=\"kb-link-11\">2903903 </a> Description of Update Rollup 8 for Exchange Server 2010 Service Pack 2 </div><br/><br/>Known issues in security update 2903903:<br/><ul class=\"sbody-free_list\"><li>After you install Update Rollup 8 for Microsoft Exchange Server 2010 Service Pack 2 (KB2903903) from Microsoft Update and then try to uninstall the update, you may receive an error message that resembles the following:<br/><br/><br/><br/><div class=\"sbody-error\">Error reading from file Drive:\\Setup\\ServerRoles\\TransportRoles\\&lt;Folder Name&gt;\\Hygiene\\ASDat.MSI. Verify that the file exists and that you can access it.<br/></div><br/><br/>For more information, click the following article number to view the article in the Microsoft Knowledge Base:<br/><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/2917865\" id=\"kb-link-12\">2917865 </a> \"Error reading from file\" message when you try to uninstall Update Rollup 8 for Exchange Server 2010 Service Pack 2 (KB2903903)</div></li></ul></li></ul></div><h2></h2><div class=\"kb-moreinformation-section section\"><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-DE.msp</td><td class=\"sbody-td\">C42C6BB19498124EC6ADF3A5FF8D120B0741D040</td><td class=\"sbody-td\">DFFB5D4055D1B19DC376315022DA50CB736BB34D2E9B6995C2F7A04C63C5B989</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-EN.msp</td><td class=\"sbody-td\">41C90E2E6CC0ED2DE860EB88D7B3D98D0594F7B2</td><td class=\"sbody-td\">60FE122021A9AD6C54FAB81D145A03DBA6BF2160AF8998F521F157CF5FDAA181</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-ES.msp</td><td class=\"sbody-td\">40A16153ED318235EA3FCF5714095C1775E4518E</td><td class=\"sbody-td\">8458C7F0391E9CCF19BD24DB5EB9F36793845DE9449449CB02E42062DCAE737E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-FR.msp</td><td class=\"sbody-td\">55A74F08DB1342B20D6B569EA78E91409259A57D</td><td class=\"sbody-td\">FB9B3C418CFEF7298C6814DE341B60F91F3E171E539CF6CF97E866CF84A45EAF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-IT.msp</td><td class=\"sbody-td\">53BF4D0E0501FD112E2BCDF9E301E7372763DB9E</td><td class=\"sbody-td\">05931BA600B17F67F39332A332D52F007EB66D984D20C553D08D167B90A05EE9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-JA.msp</td><td class=\"sbody-td\">DE7E7FFF32237037C810760AC93E6006CEE1B769</td><td class=\"sbody-td\">E018E9D95E6C6B23B9DB69F28E515CC5465B26A361CBDEC38C6864A6779BC43E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-KO.msp</td><td class=\"sbody-td\">EBEFB1EB47B79C21AD9F57EA4DD43A00D7EE846D</td><td class=\"sbody-td\">813FEF25496B01F38CEC6E12467D125478A00B02BCC745948F03C7C5F7B81469</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-PT.msp</td><td class=\"sbody-td\">85A47C68AD9E5C3AC05E16E858DA3B20715A50F9</td><td class=\"sbody-td\">FA3F22D89CD0E5022FE8BF77DF79080F783D51FD948C0CE28550D2E80DC6D297</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-RU.msp</td><td class=\"sbody-td\">E49F4CC8AA6D55F15935A1963B41E33B36FDC116</td><td class=\"sbody-td\">ECDF256FFCEFA2FDE49DE3FB2188A400D0D22E78D3D3D28C110C87B4FB57BA2F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-ZH-CHS.msp</td><td class=\"sbody-td\">966607218F60471449931875BD60BE597AE33C7B</td><td class=\"sbody-td\">5943711E5834ED397E7D6BC2BCC2C5447D258024FA47406B3EFE88FA541F7331</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x64-ZH-CHT.msp</td><td class=\"sbody-td\">36F4A38E57B492D91B4FE39432B6EE92206DBA55</td><td class=\"sbody-td\">ACFA116FB7ED48D1CCEBE862A0E076C0F048522CD24CF84ED68684D578651418</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-DE.msp</td><td class=\"sbody-td\">264FCC688A975BE4D16E765B187E8A15A3E62FE8</td><td class=\"sbody-td\">64EC9B0153E7CF2EFF3769F187D279AA3B02F1A090C4D0464B328ED26E1C4E02</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-EN.msp</td><td class=\"sbody-td\">137F1DEC7F958EA1F424863780771E10B7589D73</td><td class=\"sbody-td\">A3BCAAC5E02AB17052F32DF8919857ED5B487167D0660CC74515D638CC64C45A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-ES.msp</td><td class=\"sbody-td\">CAF503B30BB7ED9F30CA3741224B9BA5E2EF627E</td><td class=\"sbody-td\">E2FFAAAF7BFE6A3697351CBE61572C87A202979A42F7B2883B89C4EDFB514081</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-FR.msp</td><td class=\"sbody-td\">2AFF22F328763A8411D4DCA796DABFEB6EA1DCBB</td><td class=\"sbody-td\">C7B09773A5360C0B61655585980CEACDD9E791AF82C53E9C6C793C1B53B55D9C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-IT.msp</td><td class=\"sbody-td\">9A103E242A7F7A1399E74838F7F886FB3D4BC0CA</td><td class=\"sbody-td\">5992D23DD7CDFBFD11C3591B9286864656CCBE2D1FD235A1F867B32038A715AE</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-JA.msp</td><td class=\"sbody-td\">67FDB1E0D34505E3F3D1E36CBC3AC67B5B035470</td><td class=\"sbody-td\">04BBFC1F5228DA011770E13C038FA62AE696F3D0D4F0C62EFFC31E91D226F6AC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-KO.msp</td><td class=\"sbody-td\">E29514F85093B63E1DBC4AA3577F97ED6F7DD0E3</td><td class=\"sbody-td\">FC3E494BFA09FD247FBD92F89023BDFCB48F6F7CA139371359D2178D21EAE2ED</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-PT.msp</td><td class=\"sbody-td\">340222416A26AF79FB24DD469732688DB340ED62</td><td class=\"sbody-td\">12997444FA6909FB93CFD6749CFECF8FD9EDB175851F19C356647056BDF99216</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-RU.msp</td><td class=\"sbody-td\">3CB018413FF23DE0A7F179FB2FEFE6A851076093</td><td class=\"sbody-td\">FD08B811CE3D12C6BB16CF5CDDB1D40AE0A9123DBDDF660DB0B5FBA0331E1723</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-ZH-CHS.msp</td><td class=\"sbody-td\">72DA0F86674D720AEC814F9D69A6560EECB8EF37</td><td class=\"sbody-td\">1E0E486C0E14F19082C9843850D54FAB4CDCED78485D06B6FC3D29413B2C98C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2007-KB2903911-x86-ZH-CHT.msp</td><td class=\"sbody-td\">0ABE5C1B1F4E8920D04F54EF62D2533387EB97C3</td><td class=\"sbody-td\">9DEF1DEDA61460F74709568ADEFB0A610A43987E312A49498C3BAD6786F3C0D1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-ar.msp</td><td class=\"sbody-td\">FECB9048BE350CBE7A24B3058BE72DA7F44CA3A9</td><td class=\"sbody-td\">91E2F8955D5C680655BB0FD42C9D03D2F4C9377F56C73BF6744F1A78D94B0498</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-de.msp</td><td class=\"sbody-td\">F59652E169479F9F90DC5B8C369A2BFD1A0A7DCB</td><td class=\"sbody-td\">E203DFE6617E76B601670E5C0E8B1C16DFB532651EE308BA605BB70780518C20</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-en.msp</td><td class=\"sbody-td\">C38200B67D2A3EB94933B44044EDB93D87641A32</td><td class=\"sbody-td\">ACEE2B3895B158189255B77988E5C72AEA54E650C47EC275479E9D686463B774</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-es.msp</td><td class=\"sbody-td\">34263763A53E8ECE0415E8058E5BAE9641F36196</td><td class=\"sbody-td\">8F9AA4F34CC68F62DC45E1672C7D79B90AF0A172B883758D3E88F951528ADFE7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-fr.msp</td><td class=\"sbody-td\">BACF7ABA981CBCC3F66CB25E80E56AD3AE06F300</td><td class=\"sbody-td\">0166CE4532722138A5EF2280E4BDB17AA78955111C5F92566F9A6DC5B062605D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-he.msp</td><td class=\"sbody-td\">A08321FC604A9694E9DF76280D0EBA9F67391E30</td><td class=\"sbody-td\">D1E5B84522D04711A8B5F2434478D96BD7DDD575D27000FBD4C22DEDAF04B242</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-it.msp</td><td class=\"sbody-td\">65BF4E2C388DB1620D220086E0128677FDB46676</td><td class=\"sbody-td\">16A07EFC0361AA882AD2DB2756B1FD0AE5775F6F3E874AEE6D86BA3A13DE82E5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-ja.msp</td><td class=\"sbody-td\">F3C0E5DE3AEB89AC745BD585EF6D27120D4E02F3</td><td class=\"sbody-td\">B1A6C7928D3F51A169ABD0F9612CB3BD84C700F0ADB5617CA224FD367EE070F0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-ko.msp</td><td class=\"sbody-td\">D6862721E992FFEE7F2484116A850FBE12D56A29</td><td class=\"sbody-td\">D15F3A1495393E4B347BC91A79CBEBCBA2C4AE1EF4098CF5BC470E3CFD1E7DC4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-pt.msp</td><td class=\"sbody-td\">5E3A159D0F6F67C085C69F917CA6E89DA1C8C450</td><td class=\"sbody-td\">A8D855A3BC714087EEFA1EA510FC7ACC93C4C13D818B778C6880794273E9F092</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-ru.msp</td><td class=\"sbody-td\">82907F24ED85FCA800B652D5F51BB8D0CB4DC0C7</td><td class=\"sbody-td\">9B22A2BD18FBC728D98BF39B48A58B6F3AAB6F5C7AD3542B86B99FEC2E91B54F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-zh-hans.msp</td><td class=\"sbody-td\">874D706A5DC48C404ABDC2DC03F2CE811BAA4794</td><td class=\"sbody-td\">18A90242C59246E3B6ABC54F47E692D18E8A31D14E0D72E458C842AD99FD8626</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2903903-x64-zh-hant.msp</td><td class=\"sbody-td\">7B62C5AE3B5953C3B64DE694E35327820E71C6D8</td><td class=\"sbody-td\">409E897B72E7FB26EC6A4F1EDF781A8D9B744E89CA194185A1C5795160A98C56</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-ar.msp</td><td class=\"sbody-td\">68B5FEA48D5453E951F8B98A04E0707B6C83E179</td><td class=\"sbody-td\">63CB0592CCE7DBF871C275C4A38AE29493DA2E66AC4AEBCA4822A99A7BE1A9A0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-de.msp</td><td class=\"sbody-td\">7AA2595DB36C47224D4F6F5593B56D931B9CE797</td><td class=\"sbody-td\">368A66591444C574E1ED13C4813025A962590D8B9F68864F2EB25A501A7A7375</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-en.msp</td><td class=\"sbody-td\">F08CF10C238A499D24CDC68DCA69EB50933799B5</td><td class=\"sbody-td\">5489B6A6087743E380A38FFF832B5853D06185A5513D224FE658D535BBA5AF2B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-es.msp</td><td class=\"sbody-td\">6FC48F39E4A3A8248BC45A53D547B0927084AF62</td><td class=\"sbody-td\">5E9ADA91EAF58DDA3D9E92F82D42A5B63B2480E3E26B43331868993BEF91506D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-fr.msp</td><td class=\"sbody-td\">CFB2C2C56FDC7D85C8B7D15BECEC7A56CBE5D436</td><td class=\"sbody-td\">69B8C6429B096C62546BBFB7FF1CAA9021B47FEB375DCBFBFA13E71A9096CFE3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-he.msp</td><td class=\"sbody-td\">6AEC41B2AD0A720ED5C0F83DB1242436FA52838D</td><td class=\"sbody-td\">60D36E3E1042F7D9849889D19AC511D3C549645D0F1BA44CFB1BF52610F1AA5B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-it.msp</td><td class=\"sbody-td\">8A457336F3CEB5092F915BAE8EF3F1D79061B662</td><td class=\"sbody-td\">9CFC19E06C8A5AC53CB37848760739367C57389870C658E4E53881D7E2B8862C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-ja.msp</td><td class=\"sbody-td\">08AC1BEAD991C79B319FA9EBA3FFD5A32DD26B1B</td><td class=\"sbody-td\">76FEEEF362CB92D9D395E508558561738FC37ADD0E04F8DC9BDE95A44B5DC0C9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-ko.msp</td><td class=\"sbody-td\">4B45740C26BDB2B0146985E104246809C4C14260</td><td class=\"sbody-td\">CB9ACB4CA3B6B80C2D8B54093090B98244049B2AA5A50A24C7A9418FEC9B980F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-pt.msp</td><td class=\"sbody-td\">9FB4BF3202BD54D3427735A2846A4D2771BA6075</td><td class=\"sbody-td\">B5191819BB8CF48F6040F0751BF2771E5F8576F3F2409CE94B1568100FC3F6F2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-ru.msp</td><td class=\"sbody-td\">5510A5E9B793BD0D41783144D583B911D6075830</td><td class=\"sbody-td\">306C48458645D9CC2E842FAB2FF29FB71A64AA721793C647D7CA4B326516A60A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-zh-hans.msp</td><td class=\"sbody-td\">83D400773BC31D1D64567879791EA6253953F430</td><td class=\"sbody-td\">717ADE26CA44BF4792B48F1097096073CF55D66DBA797339FD8552F7472E8157</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2010-KB2905616-x64-zh-hant.msp</td><td class=\"sbody-td\">9141C21C6797E5B6F79C95481372D26A4CC0CDD6</td><td class=\"sbody-td\">D54CF100E9CA5567398211A3026BAAAB862567374549830E77989EAE9242FA9E</td></tr></table></div> Exchange 2013 cumulative update 2 <br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-de.msp</td><td class=\"sbody-td\">494C9183E7FE8AA68C5084AD17A107AC06FAE3B8</td><td class=\"sbody-td\">D9750D44B4C00DE9F9BB05B608C3F0EF8F30AA36A729BDDA5FB72791D06A3893</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-en.msp</td><td class=\"sbody-td\">10B7E5473CEB46E03DCA9EBF94233A7D1EE3D81C</td><td class=\"sbody-td\">7E729DA2B0D807EAF86DA420AC15F1ACEE72579C940EFB2B86BE41B9446A42F3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-es.msp</td><td class=\"sbody-td\">0C0E2D1685FA866A98C8D39F174830708CB8F1B4</td><td class=\"sbody-td\">9ABF7D5F8A479597E6F52EF0D8C5A001D8AEA25FCB5DC4CE422E3C8FD562E42B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-fr.msp</td><td class=\"sbody-td\">CC6CABC9C86551C03D609741860C186BF082BE58</td><td class=\"sbody-td\">8F98F062052A1AAC28C4F04FC1717C43169CC9BD08944F89338D8753BD6E8249</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-it.msp</td><td class=\"sbody-td\">98897BD9E9CF54AF9D2DB2CAE1F8FEA810521BF0</td><td class=\"sbody-td\">78B9182747F38EA3B2A05B0452938ED793D06ECB92F3C145F830AFF6B6C64E65</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-ja.msp</td><td class=\"sbody-td\">BCDF6BD0C24A1115E60EA4DABCBC0ECB23A5CC80</td><td class=\"sbody-td\">5F2440402DC5167FE30EF5C07C44A9E0FBA02344A842E9DAD1E5BCBA761D52A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-ko.msp</td><td class=\"sbody-td\">7955EF78B57E198FFDECDB9856FF742800F41EDD</td><td class=\"sbody-td\">E2F204A5298B715D49E13CA99BBA034BBA059F1B48AB8BA55EC14FE17CA17D3F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-pt.msp</td><td class=\"sbody-td\">831E0625C90CC0AF73311ED54A817703F5933AB4</td><td class=\"sbody-td\">D1B69BF2DEB5E0642228C6A5EE44A14C6750ED68591A1A7CB445B7DD7FDDE179</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-ru.msp</td><td class=\"sbody-td\">057B092F18DDA79F486311B9588FEA7823439B4A</td><td class=\"sbody-td\">360131BB82B1149F8472A236635B2ABA02F0B72CEF9D51D65CD90A7D8C3DC3BD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-zh-hans.msp</td><td class=\"sbody-td\">99AC760EC5C32DC705B04D6478C4694DFAD7D652</td><td class=\"sbody-td\">8D119569785EDC93E5070903440FCCACB1894E4803EACCD0A5EF65D357846553</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-zh-hant.msp</td><td class=\"sbody-td\">FA7C94A255C5204D181F56C032D8A9D455308134</td><td class=\"sbody-td\">18EDDD34461B00D7D57E8F88B3651AEEE8D6BC371C52E285B8A35AB81F923C7E</td></tr></table></div> Exchange 2013 cumulative update 3 <br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-de.msp</td><td class=\"sbody-td\">F019AE4FC2986629267C65FF3A9A9B767487B13B</td><td class=\"sbody-td\">1F4E1D74119EFE0B5A375A5C6E655DC38A2B6E0B5CAEC08F3B04F8C1416B0F81</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-en.msp</td><td class=\"sbody-td\">50673BFD872001025B326D1E1AA45B1F6E0FB92B</td><td class=\"sbody-td\">04E7534F068699D83811A4E5558AC9DBB282317E7492DA37A2682F83E484D989</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-es.msp</td><td class=\"sbody-td\">03553483E16E59D5FB0CE325585A85E8D6B999E4</td><td class=\"sbody-td\">AA1AE78AF0437087DEF90D22BA9C0EAE6BEB450F4E59A636D64C7F9C23A53F43</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-fr.msp</td><td class=\"sbody-td\">3223706EFB1C9BC373A07FA9CFDB085A8D5FD675</td><td class=\"sbody-td\">0B40FFE8D881CB4380F2B37CDFD1123B02CCDAFBFDEAA60B894F616F25E2FDDF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-it.msp</td><td class=\"sbody-td\">B354B2DD2FE14A7DAF582B983088048D1C0AC3A5</td><td class=\"sbody-td\">74A7A75AE28E23BBFFC0C6FB7903A4E9BFD05FFD23162C1907EA9B557EBDA1BC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-ja.msp</td><td class=\"sbody-td\">01EE293A4F1534C8B0F5EB2D35284882EB4BF6B3</td><td class=\"sbody-td\">59BD26E219A3E55F1D859754F8D03FDF5B76D0CF3658211C9AB5FD9CB727AEC2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-ko.msp</td><td class=\"sbody-td\">C5592A5C218C0558B8E61543B0730AF4EEA0747F</td><td class=\"sbody-td\">A800347F98970E1282FC710B352D04E4FD874470FA77E9122912AD33932FD16A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-pt.msp</td><td class=\"sbody-td\">84044FB3EEA44FB39AAAD947284477A7CD335791</td><td class=\"sbody-td\">702A3D9AA404F92EF1E667178DDC2318C8C0E0775C429E3DF80B1B0E40428C4D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-ru.msp</td><td class=\"sbody-td\">648A14087D0B96C1DF78D112BB0ED6694781D00F</td><td class=\"sbody-td\">C3CFF91B68D376A53EDD57B81E7299F020AB63B5FBB6E531FD7EAA245C6ACF29</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-zh-hans.msp</td><td class=\"sbody-td\">D1F334369CDDBCD82B18283962C74BDEAA7D35B6</td><td class=\"sbody-td\">A9C92319612C92292E25F52F4C8EF0709D99F95613E6AF7B06CF0CB33AB4A447</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">Exchange2013-KB2880833-x64-zh-hant.msp</td><td class=\"sbody-td\">E1E11FD9D0A4D6617B59D78175D9170CCB162BE6</td><td class=\"sbody-td\">5420F1355C70E71A3556225264173691F39142916C60F6031FBD7EF4121DA19C</td></tr></table></div></div><br/></span></div></div></div></div></body></html>", "edition": 2, "cvss3": {}, "published": "2013-12-10T00:00:00", "type": "mskb", "title": "MS13-105: Vulnerabilities in Microsoft Exchange Server could allow remote code execution: December 10, 2013", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1330", "CVE-2013-5763", "CVE-2013-5791", "CVE-2013-5072"], "modified": "2013-12-11T00:31:48", "id": "KB2915705", "href": "https://support.microsoft.com/en-us/help/2915705/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:59:22", "description": "The versions of Office SharePoint Server, SharePoint Server, Windows SharePoint Services, SharePoint Foundation, or Office Web Apps installed on the remote host are affected by multiple vulnerabilities :\n\n - A denial of service vulnerability exits that could cause the W3WP process to stop responding. (CVE-2013-0081)\n\n - A remote code execution vulnerability exists in the way Microsoft Office Services and Web Apps parse content in specially crafted files. (CVE-2013-1315)\n\n - A remote code execution vulnerability exists in the way SharePoint Server handles unassigned workflows.\n (CVE-2013-1330)\n\n - An unspecified cross-site scripting vulnerability exists. (CVE-2013-3179)\n\n - An unspecified POST cross-site scripting vulnerability exists. (CVE-2013-3180)\n\n - Multiple memory corruption vulnerabilities exist in the way that Microsoft Office software parses specially crafted files. (CVE-2013-2847, CVE-2013-3848, CVE-2013-3849, CVE-2013-3857, CVE-2013-3858)", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0081", "CVE-2013-1315", "CVE-2013-1330", "CVE-2013-2847", "CVE-2013-3179", "CVE-2013-3180", "CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3857", "CVE-2013-3858"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server", "cpe:/a:microsoft:office_web_apps"], "id": "SMB_NT_MS13-067.NASL", "href": "https://www.tenable.com/plugins/nessus/69827", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69827);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2013-0081\",\n \"CVE-2013-1315\",\n \"CVE-2013-1330\",\n \"CVE-2013-3179\",\n \"CVE-2013-3180\",\n \"CVE-2013-3847\",\n \"CVE-2013-3848\",\n \"CVE-2013-3849\",\n \"CVE-2013-3857\",\n \"CVE-2013-3858\"\n );\n script_bugtraq_id(\n 62165,\n 62167,\n 62168,\n 62169,\n 62205,\n 62221,\n 62224,\n 62226,\n 62227,\n 62254\n );\n script_xref(name:\"EDB-ID\", value:\"28238\");\n script_xref(name:\"MSFT\", value:\"MS13-067\");\n script_xref(name:\"MSKB\", value:\"2794707\");\n script_xref(name:\"MSKB\", value:\"2810083\");\n script_xref(name:\"MSKB\", value:\"2817305\");\n script_xref(name:\"MSKB\", value:\"2817315\");\n script_xref(name:\"MSKB\", value:\"2817393\");\n script_xref(name:\"MSKB\", value:\"2817372\");\n script_xref(name:\"MSKB\", value:\"2810067\");\n script_xref(name:\"MSKB\", value:\"2760420\");\n script_xref(name:\"MSKB\", value:\"2810061\");\n script_xref(name:\"MSKB\", value:\"2760595\");\n script_xref(name:\"MSKB\", value:\"2760589\");\n script_xref(name:\"MSKB\", value:\"2553408\");\n script_xref(name:\"MSKB\", value:\"2760755\");\n script_xref(name:\"MSKB\", value:\"2760594\");\n script_xref(name:\"MSKB\", value:\"2817384\");\n script_xref(name:\"IAVA\", value:\"2013-A-0174\");\n\n script_name(english:\"MS13-067: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)\");\n script_summary(english:\"Checks SharePoint / Office Web Apps version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The versions of Office SharePoint Server, SharePoint Server, Windows\nSharePoint Services, SharePoint Foundation, or Office Web Apps\ninstalled on the remote host are affected by multiple vulnerabilities :\n\n - A denial of service vulnerability exits that could cause\n the W3WP process to stop responding. (CVE-2013-0081)\n\n - A remote code execution vulnerability exists in the way\n Microsoft Office Services and Web Apps parse content in\n specially crafted files. (CVE-2013-1315)\n\n - A remote code execution vulnerability exists in the way\n SharePoint Server handles unassigned workflows.\n (CVE-2013-1330)\n\n - An unspecified cross-site scripting vulnerability\n exists. (CVE-2013-3179)\n\n - An unspecified POST cross-site scripting vulnerability\n exists. (CVE-2013-3180)\n\n - Multiple memory corruption vulnerabilities exist in the\n way that Microsoft Office software parses specially\n crafted files. (CVE-2013-2847, CVE-2013-3848,\n CVE-2013-3849, CVE-2013-3857, CVE-2013-3858)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/528546/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-067\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for SharePoint Server 2007,\nSharePoint Server 2010, SharePoint Foundation 2010, SharePoint Server\n2013, SharePoint Foundation 2013, and Office Web Apps 2010.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_web_apps\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"office_installed.nasl\", \"ms_bulletin_checks_possible.nasl\", \"microsoft_sharepoint_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin, vuln;\n\nfunction get_ver()\n{\n local_var fh, path, rc, share, ver;\n\n path = _FCT_ANON_ARGS[0];\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\n\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n ver = NULL;\n path = ereg_replace(string:path, pattern:\"^[A-Za-z]:(.*)\", replace:'\\\\1\\\\');\n\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (!isnull(fh))\n {\n ver = GetFileVersion(handle:fh);\n ver = join(ver, sep:\".\");\n CloseFile(handle:fh);\n }\n\n NetUseDel(close:FALSE);\n\n return ver;\n}\n\nfunction check_vuln(fix, kb, name, path, ver)\n{\n local_var info;\n\n if (isnull(ver))\n ver = get_ver(path);\n\n if (isnull(ver) || ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)\n return 0;\n\n info =\n '\\n Product : ' + name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n\n vuln = TRUE;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS13-067\";\nkbs = make_list(\n 2810083, 2817305, 2817315, 2817393,\n 2817372, 2810067, 2760420, 2810061,\n 2760595, 2760589, 2553408,\n 2760755, 2760594, 2817384\n);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\n\n# Connect to the registry.\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\n# Get the path information for SharePoint Server 2007\nsps_2007_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\12.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Server 2010.\nsps_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\InstallPath\"\n);\n\n# Get the path information for SharePoint Server 2013\nsps_2013_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\15.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Services 2.0\nsps_20_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\6.0\\Location\"\n);\n\n# Get the path information for SharePoint Service 3.0\nsps_30_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\12.0\\Location\"\n);\n\n# Check if KB2553408 is installed\nkb2553408 = FALSE;\nres = get_reg_name_value_table(handle:hklm, key:\"SOFTWARE\\Classes\\Installer\\Products\\00004109880100000100000000F01FEC\\Patches\");\nforeach item (res)\n{\n if ('9010880000100014.0.7015.1000;:#9010880000100014.0.7015.1000' >< item ||\n '9010880000100014.0.6029.1000;:#9010880000100014.0.6029.1000' >< item)\n kb2553408 = TRUE;\n}\n\n# Get path information for SharePoint Foundation 2010.\nspf_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\14.0\\Location\"\n);\n\n# Close connection to registry.\nRegCloseKey(handle:hklm);\nclose_registry(close:FALSE);\n\n# Get path information for Windows.\nwindir = hotfix_get_systemroot();\nif (isnull(windir)) audit(AUDIT_PATH_NOT_DETERMINED, 'system root');\n\n# Get path information for Common Files.\ncommonprogramfiles = hotfix_get_commonfilesdir();\nif (!commonprogramfiles) audit(AUDIT_PATH_NOT_DETERMINED, 'Common Files');\n\n# Get path information for Office Web Apps.\nowa_2010_path = sps_2010_path;\n\n######################################################################\n# SharePoint Services 2.0\n#\n# [KB2810061] onetutil.dll - 11.0.8402.0\n######################################################################\nif (sps_20_path)\n{\n name = \"Office SharePoint Services 2.0\";\n\n check_vuln(\n name : \"SharePoint Services 2.0\",\n kb : \"2810061\",\n path : sps_20_path + \"\\ISAPI\\OWSSVR.DLL\",\n fix : \"11.0.8402.0\"\n );\n}\n\n######################################################################\n# SharePoint Server 2007 SP3\n#\n# [KB2760589] xlsrv.dll - 12.0.6676.5000\n# [KB2760420] owssvr.dll - 12.0.6676.5000\n######################################################################\nif (sps_2007_path)\n{\n name = \"Office SharePoint Server 2007\";\n\n check_vuln(\n name : name,\n kb : \"2760589\",\n path : sps_2007_path + \"Bin\\xlsrv.dll\",\n fix : \"12.0.6676.5000\"\n );\n\n if (sps_30_path)\n {\n check_vuln(\n name : name,\n kb : \"2760420\",\n path : sps_30_path + \"\\ISAPI\\OWSSVR.DLL\",\n fix : \"12.0.6676.5000\"\n );\n }\n}\n\n######################################################################\n# SharePoint Foundation 2010 SP1 / SP2\n#\n# [KB2810067] Onetutil.dll: 14.0.7105.5000\n######################################################################\nif (spf_2010_path)\n{\n path = spf_2010_path + \"Bin\\Onetutil.dll\";\n ver = get_ver(path);\n\n if (ver && ver =~ \"^14\\.\")\n {\n check_vuln(\n name : \"SharePoint Foundation 2010\",\n kb : \"2810067\",\n path : path,\n ver : ver,\n fix : \"14.0.7105.5000\"\n );\n }\n}\n\n######################################################################\n# SharePoint Server 2010 SP1 / SP2\n#\n# [KB2817393] - MSSCPI.dll: 14.0.7105.5000\n# [KB2817372] - SVRSETUP.dll: 14.0.7106.5000\n# [KB2760595] - xlsrv.dll: 14.0.7104.5000\n# [KB2760755] - wdsrvworker.dll: 14.0.6112.5000\n######################################################################\nif (sps_2010_path)\n{\n name = \"Office SharePoint Server 2010\";\n\n check_vuln(\n name : name,\n kb : \"2817393\",\n path : sps_2010_path + \"Bin\\MSSCPI.dll\",\n fix : \"14.0.7105.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2817372\",\n path : commonprogramfiles + \"\\Microsoft Shared\\SERVER14\\Server Setup Controller\\SVRSETUP.DLL\",\n fix : \"14.0.7106.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2760595\",\n path : sps_2010_path + \"Bin\\xlsrv.dll\",\n fix : \"14.0.7104.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2760755\",\n path : sps_2010_path + \"WebServices\\WordServer\\Core\\wdsrvworker.dll\",\n fix : \"14.0.6112.5000\"\n );\n\n sps2010edition = get_kb_item(\"SMB/Microsoft SharePoint/14.0/Edition\");\n if (!kb2553408 && (!empty_or_null(sps2010edition) && 'Foundation' >!< sps2010edition))\n {\n hotfix_add_report(' According to the registry, KB2553408 is missing.\\n', bulletin:bulletin, kb:'2553408');\n vuln++;\n }\n}\n\n######################################################################\n# SharePoint Foundation 2013\n#\n# [KB2817315] Onetutil.dll: 15.0.4535.1000\n######################################################################\nif (spf_2013_path)\n{\n path = spf_2013_path + \"Bin\\Onetutil.dll\";\n ver = get_ver(path);\n\n if (ver && ver =~ \"^15\\.\")\n {\n check_vuln(\n name : \"SharePoint Foundation 2013\",\n kb : \"2817315\",\n path : path,\n ver : ver,\n fix : \"15.0.4535.1000\"\n );\n }\n}\n\n######################################################################\n# SharePoint Server 2013\n#\n# [KB2810083] - MSSCPI.dll: 14.0.7105.5000\n# [KB2817305] - sword.dlla: 15.0.4535.1000\n######################################################################\nif (sps_2013_path)\n{\n name = \"Office SharePoint Server 2013\";\n\n check_vuln(\n name : name,\n kb : \"2810083\",\n path : sps_2013_path + \"Bin\\MSSCPI.dll\",\n fix : \"15.0.4535.1000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2817305\",\n path : sps_2013_path + \"\\WebServices\\ConversionServices\\sword.dll\",\n fix : \"15.0.4525.1000\"\n );\n}\n\n######################################################################\n# Office Web Apps 2010 SP1 / SP2\n#\n# [KB2760594] xlsrv.dll: 14.0.7104.5000\n# [KB2817384] sword.dll: 14.0.7106.5001\n######################################################################\nif (owa_2010_path)\n{\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2760594\",\n path : owa_2010_path + \"Bin\\xlsrv.dll\",\n fix : \"14.0.7104.5000\"\n );\n\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2817384\",\n path : owa_2010_path + \"WebServices\\ConversionService\\Bin\\Converter\\sword.dll\",\n fix : \"14.0.7106.5001\"\n );\n}\n\n\nif (vuln)\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n set_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-19T14:51:54", "description": "The remote Windows host is running a version of Microsoft Office, Microsoft Word, Office Compatibility Pack, or Microsoft Word Viewer that is affected by the following remote code execution vulnerabilities :\n\n - A remote code execution vulnerability exists due to the way the XML parser used by Word resolves external entities. (CVE-2013-3160)\n\n - Remote code execution vulnerabilities exist due to memory corruption issues in the way that Microsoft Office parses files.\n (CVE-2013-3847, CVE-2013-3848, CVE-2013-3849, CVE-2013-3850, CVE-2013-3851, CVE-2013-3852, CVE-2013-3853, CVE-2013-3854, CVE-2013-3855, CVE-2013-3856, CVE-2013-3857, CVE-2013-3858)\n\nIf an attacker can trick a user on the affected host into opening a specially crafted file, it may be possible to leverage these issues to read arbitrary files on the target system or execute arbitrary code, subject to the user's privileges.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3160", "CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3850", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3853", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3857", "CVE-2013-3858"], "modified": "2023-02-16T00:00:00", "cpe": ["cpe:/a:microsoft:office", "cpe:/a:microsoft:word_viewer", "cpe:/a:microsoft:office_compatibility_pack"], "id": "SMB_NT_MS13-072.NASL", "href": "https://www.tenable.com/plugins/nessus/69832", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69832);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/16\");\n\n script_cve_id(\n \"CVE-2013-3160\",\n \"CVE-2013-3847\",\n \"CVE-2013-3848\",\n \"CVE-2013-3849\",\n \"CVE-2013-3850\",\n \"CVE-2013-3851\",\n \"CVE-2013-3852\",\n \"CVE-2013-3853\",\n \"CVE-2013-3854\",\n \"CVE-2013-3855\",\n \"CVE-2013-3856\",\n \"CVE-2013-3857\",\n \"CVE-2013-3858\"\n );\n script_bugtraq_id(\n 62162,\n 62165,\n 62168,\n 62169,\n 62170,\n 62171,\n 62216,\n 62217,\n 62220,\n 62222,\n 62223,\n 62224,\n 62226\n );\n script_xref(name:\"MSFT\", value:\"MS13-072\");\n script_xref(name:\"MSKB\", value:\"2597973\");\n script_xref(name:\"MSKB\", value:\"2760411\");\n script_xref(name:\"MSKB\", value:\"2760769\");\n script_xref(name:\"MSKB\", value:\"2760823\");\n script_xref(name:\"MSKB\", value:\"2767773\");\n script_xref(name:\"MSKB\", value:\"2767913\");\n script_xref(name:\"MSKB\", value:\"2817474\");\n script_xref(name:\"MSKB\", value:\"2817682\");\n script_xref(name:\"MSKB\", value:\"2817683\");\n script_xref(name:\"MSKB\", value:\"2845537\");\n script_xref(name:\"IAVA\", value:\"2013-A-0178-S\");\n\n script_name(english:\"MS13-072: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Office component installed on the remote host is affected\nby multiple remote code execution vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is running a version of Microsoft Office,\nMicrosoft Word, Office Compatibility Pack, or Microsoft Word Viewer that\nis affected by the following remote code execution vulnerabilities :\n\n - A remote code execution vulnerability exists due to the\n way the XML parser used by Word resolves external\n entities. (CVE-2013-3160)\n\n - Remote code execution vulnerabilities exist due to\n memory corruption issues in the way that Microsoft\n Office parses files.\n (CVE-2013-3847, CVE-2013-3848, CVE-2013-3849,\n CVE-2013-3850, CVE-2013-3851, CVE-2013-3852,\n CVE-2013-3853, CVE-2013-3854, CVE-2013-3855,\n CVE-2013-3856, CVE-2013-3857, CVE-2013-3858)\n\nIf an attacker can trick a user on the affected host into opening a\nspecially crafted file, it may be possible to leverage these issues to\nread arbitrary files on the target system or execute arbitrary code,\nsubject to the user's privileges.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-072\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Office 2003, 2007, 2010,\nOffice Compatibility Pack, and Microsoft Word Viewer.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:word_viewer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_compatibility_pack\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin, vuln;\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS13-072';\nkbs = make_list(\n 2597973,\n 2760411,\n 2760769,\n 2760823,\n 2767773,\n 2767913,\n 2817474,\n 2817682,\n 2817683,\n 2845537\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\n# Word\nkb = \"\";\ninstalls = get_kb_list(\"SMB/Office/Word/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/Word/' - '/ProductPath';\n path = installs[install];\n info = \"\";\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Word 2010\n if (\n ver[0] == 14 && ver[1] == 0 &&\n (\n ver[2] < 7106 ||\n (ver[2] == 7106 && ver[3] < 5001)\n )\n )\n {\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (!isnull(office_sp) && (office_sp == 1 || office_sp == 2))\n {\n info =\n '\\n Product : Word 2010' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.0.7106.5001' + '\\n';\n kb = \"2760769\";\n }\n }\n\n # Word 2007\n if (\n ver[0] == 12 && ver[1] == 0 &&\n (\n ver[2] < 6683 ||\n (ver[2] == 6683 && ver[3] < 5001)\n )\n )\n {\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n info =\n '\\n Product : Word 2007' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6683.5001' + '\\n';\n kb = \"2767773\";\n }\n }\n\n # Word 2003\n if (ver[0] == 11 && ver[1] == 0 && ver[2] < 8406)\n {\n office_sp = get_kb_item(\"SMB/Office/2003/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n info =\n '\\n Product : Word 2003' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8406.0' + '\\n';\n kb = \"2817682\";\n }\n }\n\n if (info)\n {\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n vuln = TRUE;\n }\n }\n}\n\n# Word Viewer\ninstalls = get_kb_list(\"SMB/Office/WordViewer/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n info = \"\";\n version = install - 'SMB/Office/WordViewer/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n if (ver[0] == 11 && ver[1] == 0 && ver[2] < 8406)\n {\n info =\n '\\n Product : Word Viewer' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8406.0' + '\\n';\n kb = \"2817683\";\n }\n\n if (info)\n {\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n vuln = TRUE;\n break;\n }\n }\n}\n\n# Ensure Office is installed\noffice_vers = hotfix_check_office_version();\nif (!isnull(office_vers))\n{\n # Ensure we can get common files directory\n commonfiles = hotfix_get_officecommonfilesdir(officever:\"11.0\");\n if (commonfiles)\n {\n # Ensure share is accessible\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:commonfiles);\n if (is_accessible_share(share:share))\n {\n # Office 2003 SP3\n if (office_vers[\"11.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2003/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n path = commonfiles + \"\\Microsoft Shared\\Office11\";\n old_report = hotfix_get_report();\n check_file = \"Mso.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"11.0.8405\", min_version:\"11.0.0.0\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office 2003' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8405' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2817474\");\n vuln = TRUE;\n }\n }\n }\n\n # Office 2007 SP3\n if (office_vers[\"12.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n path = commonfiles + \"\\Microsoft Shared\\Office12\";\n old_report = hotfix_get_report();\n check_file = \"Msptls.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"12.0.6682.5000\", min_version:\"12.0.0.0\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office 2007 SP3' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6682.5000' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2597973\");\n vuln = TRUE;\n }\n }\n }\n\n # Office 2007 SP3\n if (office_vers[\"12.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n path = commonfiles + \"\\Microsoft Shared\\Office12\";\n old_report = hotfix_get_report();\n check_file = \"Mso.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"12.0.6683.5000\", min_version:\"12.0.0.0\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office 2007 SP3' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6683.5000' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2760411\");\n vuln = TRUE;\n }\n }\n }\n\n # Office 2010\n if (office_vers[\"14.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (!isnull(office_sp) && (office_sp == 1 || office_sp == 2))\n {\n path = get_kb_item(\"SMB/Office/Word/14.0/Path\");\n if (path)\n {\n old_report = hotfix_get_report();\n check_file = \"Wwlib.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"14.0.7106.5001\", min_version:\"14.0.0.0\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office 2010' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.0.7106.5001' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2767913\");\n vuln = TRUE;\n }\n }\n }\n }\n }\n }\n}\n\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/WordCnv/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/WordCnv/' - '/ProductPath';\n path = installs[install];\n\n if (path)\n {\n share = hotfix_path2share(path:path);\n if (!is_accessible_share(share:share))\n audit(AUDIT_SHARE_FAIL, share);\n\n path = path - '\\\\Wordconv.exe';\n\n old_report = hotfix_get_report();\n check_file = \"wordcnv.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"12.0.6683.5001\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n kb_name = ereg_replace(pattern:\"//\"+check_file, replace:\"/\"+check_file, string:kb_name);\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6683.5001' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2760823\");\n vuln = TRUE;\n }\n }\n }\n}\nif (!version)\n{\n # Additional check if registry key is missing\n path = hotfix_get_officecommonfilesdir(officever:\"12.0\") + \"\\Microsoft Office\\Office12\";\n\n kb = \"2760823\";\n if (\n hotfix_is_vulnerable(file:\"wordcnv.dll\", version:\"12.0.6683.5001\", min_version:\"12.0.0.0\", path:path, bulletin:bulletin, kb:kb)\n ) vuln = TRUE;\n}\n\nif (vuln)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:58:19", "description": "The remote Mac OS X host is running a version of Microsoft Excel that is affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the way the application handles objects in memory when parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to the way the application parses XML files containing external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a specially crafted Excel file, it may be possible to leverage these issues to read arbitrary files on the target system or execute arbitrary code, subject to the user's privileges.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300) (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1315", "CVE-2013-3158", "CVE-2013-3159"], "modified": "2022-06-29T00:00:00", "cpe": ["cpe:/a:microsoft:office:2011::mac"], "id": "MACOSX_MS13-073.NASL", "href": "https://www.tenable.com/plugins/nessus/69839", "sourceData": "#TRUSTED b0f1ce2af5be68c246a41cbb9813fbbb0a4ea33087337876b609f1f0df569382be56159100142584349c3fa6603044803546a023e8bab1cb7c7ff5cc0578047f74bf6b560ceb8c01a5cd5a10c7d0c6991d9901b96f19eb4961d773d39aac5cf2f7e20311743e8edc1c9e53894ee0a8a8a440e75b869aec90903915823640a816033c08da443f657fed91f691cd025d5becced0cee06f4304e17e472acdccdb4c8cc6993fb44c3d6c49155d95f059e180508ec0b2e4aa2803de258b11ce9f51ba98ec99eeb5a3b8d5d3f9117da6a943c7ef468fad622db5f61dfec8a9aa25a0e0d8cbda7e096a4b0b449a7c6eb7c575ee10ec82af59d5c473b6c6e911eb5409b05ecfa08179b651a9e6236de88bf1d59e1f9bb98d1fff6482d053ee83da92f6af8d96252425878e0b03248ce125b9a697c5a122def4c78b03100618c13a8b64a72a626ee1b080672952bfefc709ba9bc43244d60279d0c3243b9914b24641055f36663caf2dacd08c47bdc71cd62b699e63d0552a94632aa725d2047ceb3657499ede131e311b957542af9fb170c620597467d562b62c2950049c90a90c5a94f3e6e01238e4d65b2e24339346f8fea08cf606f0f6778e40a471922693af8fb866fadb493cd2da5750685ce406917cb9b9e1b4bbe10d3e549c0980347fb4a0f954cc3c623a9256caffb615ba781463b6b378170b65b802242a15e1464711cce6e6\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69839);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/29\");\n\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_xref(name:\"MSFT\", value:\"MS13-073\");\n script_xref(name:\"MSKB\", value:\"2877813\");\n\n script_name(english:\"MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300) (Mac OS X)\");\n script_summary(english:\"Check version of Microsoft Office\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"An application installed on the remote Mac OS X host is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Mac OS X host is running a version of Microsoft Excel that\nis affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the\n way the application handles objects in memory when\n parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to\n the way the application parses XML files containing\n external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a\nspecially crafted Excel file, it may be possible to leverage these\nissues to read arbitrary files on the target system or execute\narbitrary code, subject to the user's privileges.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_set_attribute(attribute:\"solution\", value:\"Microsoft has released a patch for Office for Mac 2011.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office:2011::mac\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\ninclude(\"macosx_func.inc\");\n\n\n\nif(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS ||\n get_one_kb_item('HostLevelChecks/proto') == 'local')\n enable_ssh_wrappers();\nelse disable_ssh_wrappers();\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n\n# Gather version info.\ninfo = '';\ninstalls = make_array();\n\nprod = 'Office for Mac 2011';\nplist = \"/Applications/Microsoft Office 2011/Office/MicrosoftComponentPlugin.framework/Versions/14/Resources/Info.plist\";\ncmd = 'cat \\'' + plist + '\\' | ' +\n 'grep -A 1 CFBundleShortVersionString | ' +\n 'tail -n 1 | ' +\n 'sed \\'s/.*string>\\\\(.*\\\\)<\\\\/string>.*/\\\\1/g\\'';\nversion = exec_cmd(cmd:cmd);\nif (version && version =~ \"^[0-9]+\\.\")\n{\n version = chomp(version);\n if (version !~ \"^14\\.\") exit(1, \"Failed to get the version for \"+prod+\" - '\"+version+\"'.\");\n\n installs[prod] = version;\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n fixed_version = '14.3.7';\n fix = split(fixed_version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(fix); i++)\n fix[i] = int(fix[i]);\n\n for (i=0; i<max_index(fix); i++)\n if ((ver[i] < fix[i]))\n {\n info +=\n '\\n Product : ' + prod +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n break;\n }\n else if (ver[i] > fix[i])\n break;\n}\n\n\n# Report findings.\nif (info)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:info);\n else security_hole(0);\n\n exit(0);\n}\nelse\n{\n if (max_index(keys(installs)) == 0) exit(0, \"Office for Mac 2011 is not installed.\");\n else\n {\n msg = 'The host has ';\n foreach prod (sort(keys(installs)))\n msg += prod + ' ' + installs[prod] + ' and ';\n msg = substr(msg, 0, strlen(msg)-1-strlen(' and '));\n\n msg += ' installed and thus is not affected.';\n\n exit(0, msg);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:59:21", "description": "The remote Windows host is running a version of Microsoft Excel that is affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the way the application handles objects in memory when parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to the way the application parses XML files containing external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a specially crafted Excel file, it may be possible to leverage these issues to read arbitrary files on the target system or execute arbitrary code, subject to the user's privileges.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "nessus", "title": "MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300))", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1315", "CVE-2013-3158", "CVE-2013-3159"], "modified": "2019-12-13T00:00:00", "cpe": ["cpe:/a:microsoft:excel", "cpe:/a:microsoft:excel_viewer", "cpe:/a:microsoft:office", "cpe:/a:microsoft:office_compatibility_pack"], "id": "SMB_NT_MS13-073.NASL", "href": "https://www.tenable.com/plugins/nessus/69833", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69833);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_xref(name:\"MSFT\", value:\"MS13-073\");\n script_xref(name:\"MSKB\", value:\"2858300\");\n script_xref(name:\"MSKB\", value:\"2760583\");\n script_xref(name:\"MSKB\", value:\"2760588\");\n script_xref(name:\"MSKB\", value:\"2760590\");\n script_xref(name:\"MSKB\", value:\"2760597\");\n script_xref(name:\"MSKB\", value:\"2768017\");\n script_xref(name:\"MSKB\", value:\"2810048\");\n\n script_name(english:\"MS13-073: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300))\");\n script_summary(english:\"Checks versions of Excel, Excelcnv.exe, and Xlview.exe.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It is possible to execute arbitrary code on the remote host through\nMicrosoft Excel.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is running a version of Microsoft Excel that\nis affected by the following vulnerabilities :\n\n - Two memory corruption vulnerabilities exist due to the\n way the application handles objects in memory when\n parsing Office files. (CVE-2013-1315 / CVE-2013-3158)\n\n - An information disclosure vulnerability exists due to\n the way the application parses XML files containing\n external entities. (CVE-2013-3159)\n\nIf an attacker can trick a user on the affected host into opening a\nspecially crafted Excel file, it may be possible to leverage these\nissues to read arbitrary files on the target system or execute\narbitrary code, subject to the user's privileges.\");\n # https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-073\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b5d71423\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Excel 2003, 2007, 2010,\n2013, Excel Viewer, and Office Compatibility Pack.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:excel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:excel_viewer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_compatibility_pack\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS13-073\";\nkbs = make_list(\n 2858300, 2760583, 2760588, 2760590, 2760597, 2768017, 2810048\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\ninfo = \"\";\nvuln = FALSE;\n\n######################################################################\n# Excel\n######################################################################\ninstalls = get_kb_list(\"SMB/Office/Excel/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/Excel/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:\".\", keep:FALSE);\n for (i = 0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Excel 2013.\n if (\n (ver[0] == 15 && ver[1] == 0 && ver[2] < 4535) ||\n (ver[0] == 15 && ver[1] == 0 && ver[2] == 4535 && ver[3] < 1003)\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2013' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 15.0.4535.1003' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2768017\");\n }\n\n # Excel 2010.\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (\n (!isnull(office_sp) && ( (office_sp == 1) || (office_sp == 2) ) ) &&\n (\n (ver[0] == 14 && ver[1] == 0 && ver[2] < 7104) ||\n (ver[0] == 14 && ver[1] == 0 && ver[2] == 7104 && ver[3] < 5000)\n )\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2010' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.0.7104.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760597\");\n }\n\n # Excel 2007.\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (\n (!isnull(office_sp) && (office_sp == 3)) &&\n (\n (ver[0] == 12 && ver[1] == 0 && ver[2] < 6679) ||\n (ver[0] == 12 && ver[1] == 0 && ver[2] == 6679 && ver[3] < 5000)\n )\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2007' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6679.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760583\");\n }\n\n # Excel 2003.\n office_sp = get_kb_item(\"SMB/Office/2003/SP\");\n if ((!isnull(office_sp) && office_sp == 3) && (ver[0] == 11 && ver[1] == 0 && ver[2] < 8404))\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel 2003' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8404.0' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2810048\");\n }\n }\n}\n\n######################################################################\n# Excel Viewer\n######################################################################\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/ExcelViewer/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/ExcelViewer/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:\".\", keep:FALSE);\n for (i = 0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Excel Viewer 2007 SP3.\n if (\n (ver[0] == 12 && ver[1] == 0 && ver[2] >= 6611) &&\n (\n (ver[0] == 12 && ver[1] == 0 && ver[2] < 6679) ||\n (ver[0] == 12 && ver[1] == 0 && ver[2] == 6679 && ver[3] < 5000)\n )\n )\n {\n vuln = TRUE;\n info =\n '\\n Product : Excel Viewer' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6679.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760590\");\n break;\n }\n }\n}\nx86_path = hotfix_get_commonfilesdir();\nx64_path = hotfix_get_programfilesdirx86();\nif (!version)\n{\n kb = \"2760590\";\n if (\n (x86_path && hotfix_is_vulnerable(file:\"Xlview.exe\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x86_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb)) ||\n (x64_path && hotfix_is_vulnerable(file:\"Xlview.exe\", arch:\"x64\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x64_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb))\n ) vuln = TRUE;\n}\n\n\n######################################################################\n# Microsoft Office Compatibility Pack\n######################################################################\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/ExcelCnv/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/ExcelCnv/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:\".\", keep:FALSE);\n for (i = 0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n if (\n (ver[0] == 12 && ver[1] == 0 && ver[2] < 6679) ||\n (ver[0] == 12 && ver[1] == 0 && ver[2] == 6679 && ver[3] < 5000)\n )\n {\n info =\n '\\n Product : 2007 Office system and the Office Compatibility Pack' +\n '\\n File : '+ path +\n '\\n Installed version : '+ version +\n '\\n Fixed version : 12.0.6679.5000' +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:\"2760588\");\n }\n }\n}\nif (!version)\n{\n kb = \"2760588\";\n if (\n (x86_path && hotfix_is_vulnerable(file:\"Excelcnv.exe\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x86_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb)) ||\n (x64_path && hotfix_is_vulnerable(file:\"Excelcnv.exe\", arch:\"x64\", version:\"12.0.6679.5000\", min_version:\"12.0.0.0\", path:x64_path + \"\\Microsoft Office\\Office12\", bulletin:bulletin, kb:kb))\n ) vuln = TRUE;\n}\n\nif (info || vuln)\n{\n set_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, \"affected\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:03:10", "description": "The version of Microsoft Exchange installed on the host is affected by the following vulnerabilities :\n\n - A code execution vulnerability exists that could allow an attacker to execute arbitrary code in the context of the OWA service account. (CVE-2013-1330)\n\n - A cross-site scripting vulnerability exists in OWA in which an attacker could elevate their privileges and run a script in the context of the current user.\n (CVE-2013-5072)\n\n - Two code execution vulnerabilities exist in the WebReady Document Viewing feature of Outlook Web Access. Code execution is limited to the LocalService account. In addition, a denial of service vulnerability exists in the DLP feature of Exchange 2013. (CVE-2013-5763, CVE-2013-5791)", "cvss3": {}, "published": "2013-12-11T00:00:00", "type": "nessus", "title": "MS13-105: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1330", "CVE-2013-5072", "CVE-2013-5763", "CVE-2013-5791"], "modified": "2019-01-10T00:00:00", "cpe": ["cpe:/a:microsoft:exchange_server"], "id": "SMB_NT_MS13-105.NASL", "href": "https://www.tenable.com/plugins/nessus/71320", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71320);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/01/10 15:44:14\");\n\n script_cve_id(\n \"CVE-2013-1330\",\n \"CVE-2013-5072\",\n \"CVE-2013-5763\",\n \"CVE-2013-5791\"\n );\n script_bugtraq_id(62221, 63076, 63741, 64085);\n script_xref(name:\"CERT\", value:\"953241\");\n script_xref(name:\"CERT\", value:\"959313\");\n script_xref(name:\"EDB-ID\", value:\"31222\");\n script_xref(name:\"MSFT\", value:\"MS13-105\");\n script_xref(name:\"MSKB\", value:\"2880833\");\n script_xref(name:\"MSKB\", value:\"2905616\");\n script_xref(name:\"MSKB\", value:\"2903911\");\n script_xref(name:\"MSKB\", value:\"2903903\");\n\n script_name(english:\"MS13-105: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705)\");\n script_summary(english:\"Checks version of vshwp2.dll.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote mail server has multiple vulnerabilities.\");\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Microsoft Exchange installed on the host is affected by\nthe following vulnerabilities :\n\n - A code execution vulnerability exists that could allow\n an attacker to execute arbitrary code in the context of\n the OWA service account. (CVE-2013-1330)\n\n - A cross-site scripting vulnerability exists in OWA in\n which an attacker could elevate their privileges and run\n a script in the context of the current user.\n (CVE-2013-5072)\n\n - Two code execution vulnerabilities exist in the WebReady\n Document Viewing feature of Outlook Web Access. Code\n execution is limited to the LocalService account. In\n addition, a denial of service vulnerability exists in\n the DLP feature of Exchange 2013. (CVE-2013-5763,\n CVE-2013-5791)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-105\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Microsoft has released a set of patches for Exchange 2007 SP3, 2010 SP2\nand SP3, 2013 CU2 and CU3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:exchange_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nport = kb_smb_transport();\n\nbulletin = 'MS13-105';\nkbs = make_list(\n '2880833', # Exchange 2013 CU2 & CU3\n '2905616', # Exchange 2010 SP3 - Rollup 4\n '2903911', # Exchange 2007 SP3 - Rollup 12\n '2903903' # Exchange 2010 SP2 - Rollup 8\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\nversion = get_kb_item_or_exit('SMB/Exchange/Version');\nsp = int(get_kb_item('SMB/Exchange/SP'));\n\n# bail out if one of the following affected configurations is not seen\nif (version != 80 && version != 140 && version != 150) # not 2007, 2010\n audit(AUDIT_INST_VER_NOT_VULN, 'Exchange', version);\nelse if (version == 80 && sp != 3) # not 2007 SP3\n audit(AUDIT_INST_VER_NOT_VULN, 'Exchange', '2007 SP' + sp);\nelse if (version == 140 && sp != 2 && sp != 3) # not 2010 SP2 or SP3\n audit(AUDIT_INST_VER_NOT_VULN, 'Exchange', '2010 SP' + sp);\nelse if (version == 150 && sp != 0) # not 2013 CU2 or CU3 (no SP)\n audit(AUDIT_INST_VER_NOT_VULN, 'Exchange', '2013 SP' + sp);\n\nexch_root = get_kb_item_or_exit('SMB/Exchange/Path', exit_code:1);\nif (exch_root[strlen(exch_root) - 1] != \"\\\") # add a trailing backslash if necessary\n exch_root += \"\\\";\nshare = hotfix_path2share(path:exch_root);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (version == 80 && sp == 3) # 2007 SP3\n kb = '2903911';\nelse if (version == 140 && sp == 2) # 2010 SP2\n kb = '2903903';\nelse if (version == 140 && sp == 3) # 2010 SP3\n kb = '2905616';\nelse if (version == 150) # 2013 CU2 and CU3\n kb = '2880833';\n\n# If Exchange 2013 is installed, make sure it is CU2 or CU3 before continuing\nif (version == 150)\n{\n exe = exch_root + \"Bin\\msexchangerepl.exe\";\n ret = hotfix_get_fversion(path:exe);\n if (ret['error'] != HCF_OK)\n {\n hotfix_check_fversion_end();\n audit(AUDIT_FN_FAIL, 'hotfix_get_fversion');\n }\n exe_ver = join(ret['value'], sep:'.');\n\n if (\n exe_ver !~ \"^15\\.0\\.712\\.\" && # 2013 CU2\n exe_ver !~ \"^15\\.0\\.775\\.\" # 2013 CU3\n )\n {\n hotfix_check_fversion_end();\n audit(AUDIT_INST_VER_NOT_VULN, 'Exchange 2013', exe_ver);\n }\n}\n\nooi_path = exch_root + \"ClientAccess\\Owa\\Bin\\DocumentViewing\";\nfile = 'vshwp2.dll';\n\nif (hotfix_is_vulnerable(path:ooi_path, file:file, version:'8.4.1.18', bulletin:bulletin, kb:kb))\n{\n set_kb_item(name:'SMB/Missing/' + bulletin, value:TRUE);\n set_kb_item(name:'www/'+port+'/XSS', value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-01-08T14:02:25", "description": "This host is missing an important security update according to Microsoft\n Bulletin MS13-067.", "cvss3": {}, "published": "2013-10-09T00:00:00", "type": "openvas", "title": "Microsoft Office Web Apps Remote Code Execution vulnerability (2834052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310903324", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903324", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Web Apps Remote Code Execution vulnerability (2834052)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:microsoft:office_web_apps\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903324\");\n script_version(\"2020-01-07T09:06:32+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-3179\", \"CVE-2013-3180\", \"CVE-2013-0081\",\n \"CVE-2013-1315\");\n script_bugtraq_id(62221, 62227, 62254, 62205, 62167);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 09:06:32 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-09 15:05:11 +0530 (Wed, 09 Oct 2013)\");\n script_name(\"Microsoft Office Web Apps Remote Code Execution vulnerability (2834052)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to Microsoft\n Bulletin MS13-067.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple Flaws are due to,\n\n - An error when handling an unassigned workflow can be exploited to cause the\n W3WP process to stop responding via a specially crafted URL.\n\n - An error related to MAC exists when handling unassigned workflows.\n\n - Input passed via the 'ms-descriptionText > ctl00_PlaceHolderDialogBodySection\n _PlaceHolderDialogBodyMainSection_ValSummary' parameter related to metadata\n storage assignment of the BDC permission management within the 'Sharepoint\n Online Cloud 2013 Service' section is not properly sanitised before being used.\n\n - Certain unspecified input is not properly sanitised before being returned to\n the user.\n\n - Multiple unspecified errors.\");\n script_tag(name:\"affected\", value:\"- Microsoft Office Excel Web App 2010 Service Pack 2 and prior\n\n - Microsoft Office Word Web App 2010 Service Pack 2 and prior\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to conduct script insertion\n attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.vulnerability-lab.com/get_content.php?id=812\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_office_web_apps_detect.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Office/Web/Apps/Ver\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nwebappVer = infos['version'];\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\n## Microsoft Office Web Apps 2010\nif(webappVer =~ \"^14\\..*\")\n{\n path = path + \"\\14.0\\WebServices\\wordserver\\core\";\n dllVer = fetch_file_version(sysPath:path, file_name:\"msoserver.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7106.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:02:56", "description": "This host is missing an important security update according to Microsoft\n Bulletin MS13-067.", "cvss3": {}, "published": "2013-10-09T00:00:00", "type": "openvas", "title": "Microsoft Office Services Remote Code Execution vulnerability (2834052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-1315", "CVE-2013-3180"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310903325", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903325", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Services Remote Code Execution vulnerability (2834052)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:microsoft:sharepoint_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903325\");\n script_version(\"2020-01-07T09:06:32+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-3179\", \"CVE-2013-3180\", \"CVE-2013-0081\",\n \"CVE-2013-1315\");\n script_bugtraq_id(62221, 62227, 62254, 62205, 62167);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 09:06:32 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-09 15:37:45 +0530 (Wed, 09 Oct 2013)\");\n script_name(\"Microsoft Office Services Remote Code Execution vulnerability (2834052)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to Microsoft\n Bulletin MS13-067.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple Flaws are due to,\n\n - An error when handling an unassigned workflow can be exploited to cause the\n W3WP process to stop responding via a specially crafted URL.\n\n - An error related to MAC exists when handling unassigned workflows.\n\n - Input passed via the 'ms-descriptionText > ctl00_PlaceHolderDialogBodySection\n _PlaceHolderDialogBodyMainSection_ValSummary' parameter related to metadata\n storage assignment of the BDC permission management within the 'Sharepoint\n Online Cloud 2013 Service' section is not properly sanitised before being used.\n\n - Certain unspecified input is not properly sanitised before being returned to\n the user.\n\n - Multiple unspecified errors.\");\n script_tag(name:\"affected\", value:\"Excel Services on Microsoft SharePoint Server 2007\n\n Excel Services on Microsoft SharePoint Server 2010\n\n Word Automation Services on Microsoft SharePoint Server 2010\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to conduct script insertion\n attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54741\");\n script_xref(name:\"URL\", value:\"http://www.vulnerability-lab.com/get_content.php?id=812\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nshareVer = infos['version'];\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\n## SharePoint Server 2010 (wosrv & coreserver)\nif(shareVer =~ \"^14\\..*\")\n{\n dllVer = fetch_file_version(sysPath:path, file_name:\"\\14.0\\Bin\\Xlsrv.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7104.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n\n dllVer2 = fetch_file_version(sysPath:path,\n file_name:\"\\14.0\\WebServices\\WordServer\\Core\\WdsrvWorker.dll\");\n if(dllVer2)\n {\n if(version_in_range(version:dllVer2, test_version:\"14.0\", test_version2:\"14.0.7104.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\n## SharePoint Server 2007 (wosrv & coreserver)\nif(shareVer =~ \"^12\\..*\")\n{\n dllVer = fetch_file_version(sysPath:path, file_name:\"\\12.0\\Bin\\Xlsrv.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6676.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T19:05:51", "description": "This host is missing an important security update according to Microsoft\nBulletin MS13-067.", "cvss3": {}, "published": "2013-09-13T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Server Remote Code Execution vulnerability (2834052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-3180"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310903322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft SharePoint Server Remote Code Execution vulnerability (2834052)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:microsoft:sharepoint_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903322\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-3179\", \"CVE-2013-3180\", \"CVE-2013-0081\");\n script_bugtraq_id(62221, 62227, 62254, 62205);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-13 16:29:08 +0530 (Fri, 13 Sep 2013)\");\n script_name(\"Microsoft SharePoint Server Remote Code Execution vulnerability (2834052)\");\n\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to Microsoft\nBulletin MS13-067.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple Flaws are due to,\n\n - An error when handling an unassigned workflow can be exploited to cause the\n W3WP process to stop responding via a specially crafted URL.\n\n - An error related to MAC exists when handling unassigned workflows.\n\n - Input passed via the 'ms-descriptionText > ctl00_PlaceHolderDialogBodySection\n _PlaceHolderDialogBodyMainSection_ValSummary' parameter related to metadata\n storage assignment of the BDC permission management within the 'Sharepoint\n Online Cloud 2013 Service' section is not properly sanitised before being used.\n\n - Certain unspecified input is not properly sanitised before being returned to\n the user.\n\n - Multiple unspecified errors.\");\n script_tag(name:\"affected\", value:\"- Microsoft SharePoint Server 2013\n\n - Microsoft SharePoint Server 2007 Service Pack 3\n\n - Microsoft SharePoint Server 2010 Service Pack 2 and prior\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to conduct script insertion\nattacks, cause a DoS (Denial of Service), and compromise a vulnerable system.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.vulnerability-lab.com/get_content.php?id=812\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n script_require_ports(139, 445);\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nshareVer = get_app_version(cpe:CPE);\nif(!shareVer){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\n## SharePoint Server 2010 (wosrv & coreserver)\nif(shareVer =~ \"^14\\..*\")\n{\n path = registry_get_sz(key: key + \"14.0\", item:\"Location\");\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"ISAPI\\Microsoft.office.server.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7010.999\"))\n {\n report = report_fixed_ver(installed_version:dllVer, vulnerable_range:\"14.0 - 14.0.7010.999\", install_path:path);\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\n\n## SharePoint Server 2013 (coreserverloc)\nif(shareVer =~ \"^15\\..*\")\n{\n path = registry_get_sz(key: key + \"15.0\", item:\"Location\");\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"ISAPI\\Microsoft.office.server.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"15.0\", test_version2:\"15.0.4525.999\"))\n {\n report = report_fixed_ver(installed_version:dllVer, vulnerable_range:\"15.0 - 15.0.4525.999\", install_path:path);\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T19:05:46", "description": "This host is missing an important security update according to Microsoft\nBulletin MS13-067.", "cvss3": {}, "published": "2013-10-09T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Foundation Remote Code Execution vulnerability (2834052)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0081", "CVE-2013-1330", "CVE-2013-3179", "CVE-2013-3180"], "modified": "2020-04-21T00:00:00", "id": "OPENVAS:1361412562310903323", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903323", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft SharePoint Foundation Remote Code Execution vulnerability (2834052)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\nCPE = \"cpe:/a:microsoft:sharepoint_foundation\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903323\");\n script_version(\"2020-04-21T11:03:03+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-3179\", \"CVE-2013-3180\", \"CVE-2013-0081\");\n script_bugtraq_id(62221, 62227, 62254, 62205);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-21 11:03:03 +0000 (Tue, 21 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-10-09 12:57:14 +0530 (Wed, 09 Oct 2013)\");\n script_name(\"Microsoft SharePoint Foundation Remote Code Execution vulnerability (2834052)\");\n\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to Microsoft\nBulletin MS13-067.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple Flaws are due to,\n\n - An error when handling an unassigned workflow can be exploited to cause the\n W3WP process to stop responding via a specially crafted URL.\n\n - An error related to MAC exists when handling unassigned workflows.\n\n - Input passed via the 'ms-descriptionText > ctl00_PlaceHolderDialogBodySection\n _PlaceHolderDialogBodyMainSection_ValSummary' parameter related to metadata\n storage assignment of the BDC permission management within the 'Sharepoint\n Online Cloud 2013 Service' section is not properly sanitised before being used.\n\n - Certain unspecified input is not properly sanitised before being returned to\n the user.\n\n - Multiple unspecified errors.\");\n script_tag(name:\"affected\", value:\"- Microsoft SharePoint Foundation 2013\n\n - Microsoft SharePoint Server 2010 Service Pack 2 and prior\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to conduct script insertion\nattacks, cause a DoS (Denial of Service), and compromise a vulnerable system.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.vulnerability-lab.com/get_content.php?id=812\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_mandatory_keys(\"MS/SharePoint/Foundation/Ver\");\n script_require_ports(139, 445);\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nshareVer = get_app_version(cpe:CPE);\nif(!shareVer){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\\";\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\n## SharePoint Foundation 2010\nif(shareVer =~ \"^14\\..*\")\n{\n path = registry_get_sz(key: key + \"14.0\", item:\"Location\");\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"BIN\\Onetutil.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7105.4999\"))\n {\n report = report_fixed_ver(installed_version:dllVer, vulnerable_range:\"14.0 - 14.0.7105.4999\", install_path:path);\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\n\n## SharePoint Foundation 2013\nif(shareVer =~ \"^15\\..*\")\n{\n path = registry_get_sz(key: key + \"15.0\", item:\"Location\");\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"BIN\\Onetutil.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"15.0\", test_version2:\"15.0.4535.999\"))\n {\n report = report_fixed_ver(installed_version:dllVer, vulnerable_range:\"15.0 - 15.0.4535.999\", install_path:path);\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-10T19:53:23", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310903403", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903403", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903403\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 17:10:50 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-072.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing XML data and some\n unspecified errors.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Word Viewer 2003.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\n code, cause memory corruption and compromise the system.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2817683\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/WordView/Version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nwordviewVer = get_kb_item(\"SMB/Office/WordView/Version\");\n\nif(wordviewVer && wordviewVer =~\"^11.*\")\n{\n if(version_in_range(version:wordviewVer, test_version:\"11.0\", test_version2:\"11.0.8405\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:02:25", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310903402", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903402", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903402\");\n script_version(\"2019-12-20T12:48:41+0000\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 12:48:41 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 16:55:20 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-072.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing XML data and some\n unspecified errors.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Word 2003 Service Pack 3 and prior\n\n - Microsoft Word 2007 Service Pack 3 and prior\n\n - Microsoft Word 2010 Service Pack 2 and prior\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\n code, cause memory corruption and compromise the system.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2817682\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2767773\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760769\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Word/Version\");\n\n exit(0);\n}\n\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\n\nwinwordVer = get_kb_item(\"SMB/Office/Word/Version\");\n\n## Microsoft Office Word 2003/2007/2010\nif(winwordVer && winwordVer =~ \"^1[124]\\.\")\n{\n ## Wwlibcxm.dll file not found on office 2010, as of now its not considered\n if(version_in_range(version:winwordVer, test_version:\"11.0\", test_version2:\"11.0.8405\") ||\n version_in_range(version:winwordVer, test_version:\"12.0\", test_version2:\"12.0.6683.5000\") ||\n version_in_range(version:winwordVer, test_version:\"14.0\", test_version2:\"14.0.7106.5000\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:14", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2017-05-09T00:00:00", "id": "OPENVAS:903404", "href": "http://plugins.openvas.org/nasl.php?oid=903404", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_compat_pack_ms13-072.nasl 6086 2017-05-09 09:03:30Z teissa $\n#\n# MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903404);\n script_version(\"$Revision: 6086 $\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-09 11:03:30 +0200 (Tue, 09 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 17:22:16 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws are due to error exists when processing XML data and some\nunspecified errors.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\n\nImpact Level: System/Application \";\n\n tag_affected =\n\"Compatibility Pack for Microsoft Office 2007 file formats\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-072\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54737\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760823\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/WordCnv/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variable Initailization\nwordcnvVer = \"\";\npath = \"\";\nsysVer = \"\";\n\n# Check for Office Word Version 2007 with compatibility pack\nwordcnvVer = get_kb_item(\"SMB/Office/WordCnv/Version\");\nif(wordcnvVer && wordcnvVer =~ \"^12.*\")\n{\n # Office Word Converter\n path = registry_get_sz(key:\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\",\n item:\"ProgramFilesDir\");\n if(path)\n {\n sysVer = fetch_file_version(sysPath:path + \"\\Microsoft Office\\Office12\", file_name:\"Wordcnv.dll\");\n\n if(sysVer)\n {\n # Check for Word Converter 2007 version 12.0 < 12.0.6683.5001\n if(version_in_range(version:sysVer, test_version:\"12.0\", test_version2:\"12.0.6683.5000\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:19", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2017-05-11T00:00:00", "id": "OPENVAS:903403", "href": "http://plugins.openvas.org/nasl.php?oid=903403", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_wordview_ms13-072.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903403);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 17:10:50 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (2845537)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws are due to error exists when processing XML data and some\nunspecified errors.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\n\nImpact Level: System/Application \";\n\n tag_affected =\n\"Microsoft Word Viewer 2003 \";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-072\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54737\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2817683\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/WordView/Version\");\n exit(0);\n}\n\n\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\n\n## Variable Initailization\nwordviewVer = \"\";\n\nwordviewVer = get_kb_item(\"SMB/Office/WordView/Version\");\n\n# Check for Word Viewer 11.0 < 11.0.8406\nif(wordviewVer && wordviewVer =~\"^11.*\")\n{\n if(version_in_range(version:wordviewVer, test_version:\"11.0\", test_version2:\"11.0.8405\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-08T14:03:09", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310903401", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903401", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903401\");\n script_version(\"2019-12-20T12:48:41+0000\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 12:48:41 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 16:10:36 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Remote Code Execution Vulnerabilities (2845537)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-072.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing XML data and some\n unspecified errors.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Office 2003 Service Pack 3 and prior\n\n - Microsoft Office 2007 Service Pack 3 and prior\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\n code, cause memory corruption and compromise the system.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2817474\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760411\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2767913\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_office_detection_900025.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Office/Ver\", \"MS/Office/InstallPath\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nofficeVer = get_kb_item(\"MS/Office/Ver\");\n\n## MS Office 2003, 2007\nif(!officeVer || officeVer !~ \"^1[12]\\.\"){\n exit(0);\n}\n\nInsPath = get_kb_item(\"MS/Office/InstallPath\");\nif(InsPath && \"Could not find the install Location\" >!< InsPath)\n{\n foreach offsubver (make_list(\"Office11\", \"Office12\"))\n {\n exeVer = fetch_file_version(sysPath:InsPath + offsubver, file_name:\"mso.dll\");\n if(exeVer)\n {\n if(version_in_range(version:exeVer, test_version:\"11.0\", test_version2:\"11.0.8404\") ||\n version_in_range(version:exeVer, test_version:\"12.0\", test_version2:\"12.0.6683.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:13", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2019-05-21T00:00:00", "id": "OPENVAS:1361412562310903404", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903404", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903404\");\n script_version(\"2019-05-21T06:50:08+0000\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-21 06:50:08 +0000 (Tue, 21 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 17:22:16 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"MS Office Compatibility Pack Remote Code Execution Vulnerabilities (2845537)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-072.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing XML data and some\n unspecified errors.\");\n\n script_tag(name:\"affected\", value:\"Compatibility Pack for Microsoft Office 2007 file formats\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\n code, cause memory corruption and compromise the system.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/54737\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760823\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/Office/WordCnv/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nwordcnvVer = get_kb_item(\"SMB/Office/WordCnv/Version\");\nif(wordcnvVer && wordcnvVer =~ \"^12\\.\")\n{\n # Office Word Converter\n path = registry_get_sz(key:\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\",\n item:\"ProgramFilesDir\");\n if(path)\n {\n sysVer = fetch_file_version(sysPath:path + \"\\Microsoft Office\\Office12\", file_name:\"Wordcnv.dll\");\n\n if(sysVer)\n {\n if(version_in_range(version:sysVer, test_version:\"12.0\", test_version2:\"12.0.6683.5000\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:59", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2017-05-11T00:00:00", "id": "OPENVAS:903402", "href": "http://plugins.openvas.org/nasl.php?oid=903402", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_winword_ms13-072.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903402);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 16:55:20 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Word Remote Code Execution Vulnerabilities (2845537)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws are due to error exists when processing XML data and some\nunspecified errors.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\n\nImpact Level: System/Application \";\n\n tag_affected =\n\"Microsoft Word 2003 Service Pack 3 and prior\nMicrosoft Word 2007 Service Pack 3 and prior\nMicrosoft Word 2010 Service Pack 2 and prior.\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-072\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54737\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2817682\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2767773\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760769\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Word/Version\");\n exit(0);\n}\n\n\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\n\n## variable Initialization\nwinwordVer = \"\";\n\nwinwordVer = get_kb_item(\"SMB/Office/Word/Version\");\n\n## Microsoft Office Word 2003/2007/2010\nif(winwordVer && winwordVer =~ \"^(11|12|14).*\")\n{\n ## Grep for version Winword.exe 11 < 11.0.8406 < 12.0.6683.5001, 14 < 14.0.7106.5001\n ## Wwlibcxm.dll file not found on office 2010, as of now its not considered\n if(version_in_range(version:winwordVer, test_version:\"11.0\", test_version2:\"11.0.8405\") ||\n version_in_range(version:winwordVer, test_version:\"12.0\", test_version2:\"12.0.6683.5000\") ||\n version_in_range(version:winwordVer, test_version:\"14.0\", test_version2:\"14.0.7106.5000\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:00", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Remote Code Execution Vulnerabilities (2845537)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3854", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160"], "modified": "2017-05-05T00:00:00", "id": "OPENVAS:903401", "href": "http://plugins.openvas.org/nasl.php?oid=903401", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms13-072.nasl 6074 2017-05-05 09:03:14Z teissa $\n#\n# Microsoft Office Remote Code Execution Vulnerabilities (2845537)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903401);\n script_version(\"$Revision: 6074 $\");\n script_cve_id(\"CVE-2013-3160\", \"CVE-2013-3847\", \"CVE-2013-3848\", \"CVE-2013-3849\",\n \"CVE-2013-3850\", \"CVE-2013-3851\", \"CVE-2013-3852\", \"CVE-2013-3853\",\n \"CVE-2013-3854\", \"CVE-2013-3855\", \"CVE-2013-3856\", \"CVE-2013-3857\",\n \"CVE-2013-3858\");\n script_bugtraq_id(62162, 62165, 62168, 62169, 62170, 62171, 62216, 62217, 62220,\n 62222, 62223, 62224, 62226);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-05 11:03:14 +0200 (Fri, 05 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 16:10:36 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Remote Code Execution Vulnerabilities (2845537)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-072.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws are due to error exists when processing XML data and some\nunspecified errors.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\n\nImpact Level: System/Application \";\n\n tag_affected =\n\"Microsoft Office 2003 Service Pack 3 and prior\nMicrosoft Office 2007 Service Pack 3 and prior\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-072\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54737\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2817474\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760411\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2767913\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-072\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_office_detection_900025.nasl\");\n script_mandatory_keys(\"MS/Office/Ver\", \"MS/Office/InstallPath\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nexeVer = \"\";\nInsPath = \"\";\noffsubver = \"\";\n\n## MS Office 2003, 2007\nif(!(get_kb_item(\"MS/Office/Ver\") =~ \"^(11|12).*\")){\n exit(0);\n}\n\nInsPath = get_kb_item(\"MS/Office/InstallPath\");\nif(InsPath && \"Could not find the install Location\" >!< InsPath)\n{\n foreach offsubver (make_list(\"Office11\", \"Office12\"))\n {\n ## Get Version from mso.dll file version\n exeVer = fetch_file_version(sysPath:InsPath + offsubver, file_name:\"mso.dll\");\n if(exeVer)\n {\n ## Check for mso.dll version\n if(version_in_range(version:exeVer, test_version:\"11.0\", test_version2:\"11.0.8404\") ||\n version_in_range(version:exeVer, test_version:\"12.0\", test_version2:\"12.0.6683.4999\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:15", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2016-11-18T00:00:00", "id": "OPENVAS:902996", "href": "http://plugins.openvas.org/nasl.php?oid=902996", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms13-073_macosx.nasl 4570 2016-11-18 10:17:05Z antu123 $\n#\n# Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902996);\n script_version(\"$Revision: 4570 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-11-18 11:17:05 +0100 (Fri, 18 Nov 2016) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 12:29:56 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\n Impact Level: Application \";\n\n tag_affected =\n\"Microsoft Office 2011 on Mac OS X\";\n\n tag_solution =\n\"Apply the patch from below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms13-073 \";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54739/\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gb_microsoft_office_detect_macosx.nasl\");\n script_mandatory_keys(\"MS/Office/MacOSX/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\noffVer = \"\";\n\n## Get the version from KB\noffVer = get_kb_item(\"MS/Office/MacOSX/Ver\");\n\n## check the version from KB\nif(!offVer || !(offVer =~ \"^(14)\")){\n exit(0);\n}\n\n## Check for Office Version < 2011 (14.3.7)\nif(version_in_range(version:offVer, test_version:\"14.0\", test_version2:\"14.3.6\"))\n{\n security_message(0);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:10", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2017-05-12T00:00:00", "id": "OPENVAS:902998", "href": "http://plugins.openvas.org/nasl.php?oid=902998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_excel_viewer_ms13-073.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902998);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:36:18 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\nImpact Level: Application \";\n\n tag_affected =\n\"Microsoft Office Excel Viewer 2007\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-073\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54739\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760590\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/XLView/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Variable Initialization\nexcelviewVer = \"\";\n\n## Microsoft Office Excel Viewer 2007\nexcelviewVer = get_kb_item(\"SMB/Office/XLView/Version\");\nif(excelviewVer =~ \"^12\\..*\")\n{\n ## check for Xlview.exe version\n if(version_in_range(version:excelviewVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:03", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2017-05-11T00:00:00", "id": "OPENVAS:902997", "href": "http://plugins.openvas.org/nasl.php?oid=902997", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_excel_ms13-073.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902997);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:11:33 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\nImpact Level: Application \";\n\n tag_affected =\n\"Microsoft Excel 2013\nMicrosoft Excel 2003 Service Pack 3 and prior\nMicrosoft Excel 2007 Service Pack 3 and prior\nMicrosoft Excel 2010 Service Pack 2 and prior\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-073\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2810048\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760583\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760597\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2768017\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Excel/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Variable Initialization\nexcelVer = \"\";\n\n## Check for Office Excel 2003/2007/2010/2013\nexcelVer = get_kb_item(\"SMB/Office/Excel/Version\");\nif(excelVer =~ \"^(11|12|14|15)\\..*\")\n{\n ## Check version Excel.exe\n if(version_in_range(version:excelVer, test_version:\"11.0\", test_version2:\"11.0.8403\") ||\n version_in_range(version:excelVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\") ||\n version_in_range(version:excelVer, test_version:\"14.0\", test_version2:\"14.0.7104.4999\") ||\n version_in_range(version:excelVer, test_version:\"15.0\", test_version2:\"15.0.4535.1002\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-10T19:53:54", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902999", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902999", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902999\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:54:46 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML\n data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Office Compatibility Pack Service Pack 3 and prior.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760588\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/ComptPack/Version\", \"SMB/Office/XLCnv/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\ncmpPckVer = get_kb_item(\"SMB/Office/ComptPack/Version\");\nif(cmpPckVer && cmpPckVer =~ \"^12\\.\")\n{\n xlcnvVer = get_kb_item(\"SMB/Office/XLCnv/Version\");\n if(xlcnvVer && xlcnvVer =~ \"^12\\.\")\n {\n if(version_in_range(version:xlcnvVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-10T19:53:15", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902996", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902996", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902996\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 12:29:56 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Remote Code Execution Vulnerabilities-2858300 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Office 2011 on Mac OS X.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073\");\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gb_microsoft_office_detect_macosx.nasl\");\n script_mandatory_keys(\"MS/Office/MacOSX/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noffVer = get_kb_item(\"MS/Office/MacOSX/Ver\");\n\nif(!offVer || offVer !~ \"^14\\.\"){\n exit(0);\n}\n\nif(version_in_range(version:offVer, test_version:\"14.0\", test_version2:\"14.3.6\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:02:23", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310902997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902997", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902997\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:11:33 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Remote Code Execution Vulnerabilities (2858300)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Excel 2013\n\n - Microsoft Excel 2003 Service Pack 3 and prior\n\n - Microsoft Excel 2007 Service Pack 3 and prior\n\n - Microsoft Excel 2010 Service Pack 2 and prior\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2810048\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760583\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760597\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2768017\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Excel/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\nexcelVer = get_kb_item(\"SMB/Office/Excel/Version\");\nif(excelVer =~ \"^1[1245]\\.\")\n{\n if(version_in_range(version:excelVer, test_version:\"11.0\", test_version2:\"11.0.8403\") ||\n version_in_range(version:excelVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\") ||\n version_in_range(version:excelVer, test_version:\"14.0\", test_version2:\"14.0.7104.4999\") ||\n version_in_range(version:excelVer, test_version:\"15.0\", test_version2:\"15.0.4535.1002\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-10T19:53:10", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902998", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902998", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902998\");\n script_version(\"2020-06-09T08:59:39+0000\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 08:59:39 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:36:18 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (2858300)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS13-073.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists when processing XML data, which can be exploited to\n disclose contents of certain local files by sending specially crafted XML data including external entity references.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Office Excel Viewer 2007.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to corrupt memory and\n disclose sensitive information.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2760590\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/XLView/Version\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n## Microsoft Office Excel Viewer 2007\nexcelviewVer = get_kb_item(\"SMB/Office/XLView/Version\");\nif(excelviewVer =~ \"^12\\.\")\n{\n if(version_in_range(version:excelviewVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n report = report_fixed_ver(installed_version:excelviewVer, vulnerable_range:\"12.0 - 12.0.6679.4999\");\n security_message(port: 0, data: report);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:07", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "openvas", "title": "Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3159", "CVE-2013-3158", "CVE-2013-1315"], "modified": "2017-05-08T00:00:00", "id": "OPENVAS:902999", "href": "http://plugins.openvas.org/nasl.php?oid=902999", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_office_compatibility_pack_ms13-073.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(902999);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2013-1315\", \"CVE-2013-3158\", \"CVE-2013-3159\");\n script_bugtraq_id(62167, 62219, 62225);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-11 13:54:46 +0530 (Wed, 11 Sep 2013)\");\n script_name(\"Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (2858300)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS13-073.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws exists when processing XML data, which can be exploited to\ndisclose contents of certain local files by sending specially crafted XML\ndata including external entity references.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to corrupt memory and\ndisclose sensitive information.\n\nImpact Level: Application \";\n\n tag_affected =\n\"Microsoft Office Compatibility Pack Service Pack 3 and prior\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-073\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/54739\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2760588\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms13-073\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/ComptPack/Version\", \"SMB/Office/XLCnv/Version\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\n\n# Variable Initialization\nxlcnvVer = \"\";\n\n## Check for Office Compatibility Pack 2007 and 2007\nif(get_kb_item(\"SMB/Office/ComptPack/Version\") =~ \"^12\\..*\")\n{\n xlcnvVer = get_kb_item(\"SMB/Office/XLCnv/Version\");\n if(xlcnvVer)\n {\n ## Check for Office Excel Converter 2007\n if(version_in_range(version:xlcnvVer, test_version:\"12.0\", test_version2:\"12.0.6679.4999\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:03", "description": "This host is missing a critical security update according to Microsoft\nBulletin MS13-105.", "cvss3": {}, "published": "2013-12-11T00:00:00", "type": "openvas", "title": "MS Exchange Server Remote Code Execution Vulnerabilities (2915705)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1330", "CVE-2013-5763", "CVE-2013-5791", "CVE-2013-5072"], "modified": "2017-05-08T00:00:00", "id": "OPENVAS:903418", "href": "http://plugins.openvas.org/nasl.php?oid=903418", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms13-105.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# MS Exchange Server Remote Code Execution Vulnerabilities (2915705)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903418);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-5072\", \"CVE-2013-5763\", \"CVE-2013-5791\");\n script_bugtraq_id(62221, 64085, 63741, 63076);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-11 10:09:38 +0530 (Wed, 11 Dec 2013)\");\n script_name(\"MS Exchange Server Remote Code Execution Vulnerabilities (2915705)\");\n\n tag_summary =\n\"This host is missing a critical security update according to Microsoft\nBulletin MS13-105.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws are due to,\n- An unspecified error in the Outlook Web Access (OWA) service account.\n- Certain unspecified input is not properly sanitised before being returned\n to the user.\";\n\n tag_impact =\n\"Successful exploitation will allow an attacker to run arbitrary code and\nexecute arbitrary HTML and script code in a user's browser session in context\nof an affected site.\n\nImpact Level: System\";\n\n tag_affected =\n\"Microsoft Exchange Server 2013\nMicrosoft Exchange Server 2007 Service Pack 3\nMicrosoft Exchange Server 2010 Service Pack 2\nMicrosoft Exchange Server 2010 Service Pack 3\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms13-105\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/55998\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1029329\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2903911\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2903903\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2905616\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2880833\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1029459\");\n script_xref(name : \"URL\" , value : \"https://technet.microsoft.com/en-us/security/bulletin/ms13-105\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\nkey = \"\";\nexeVer = \"\";\nversion = \"\";\nexchangePath = \"\";\n\n## Confirm the application\nif(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\Exchange\") &&\n !registry_key_exists(key:\"SOFTWARE\\Microsoft\\ExchangeServer\")){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\";\nforeach version (make_list(\"Microsoft Exchange v14\", \"Microsoft Exchange\", \"Microsoft Exchange v15\"))\n{\n exchangePath = registry_get_sz(key: key + version, item:\"InstallLocation\");\n\n if(exchangePath)\n {\n ## Get Version from ExSetup.exe file version\n exeVer = fetch_file_version(sysPath:exchangePath,\n file_name:\"Bin\\ExSetup.exe\");\n\n if(exeVer)\n {\n ## Exchange Server 2007 Service Pack 3 (08.03.0342.004)\n ## Exchange Server 2010 Service Pack 2 (14.02.0390.003)\n ## Exchange Server 2010 Service Pack 3 (14.03.174.001)\n ## Security Update For Exchange Server 2013 CU2 (15.00.0712.031)\n ## Security Update For Exchange Server 2013 CU3 (15.00.0775.041)\n if(version_is_less(version:exeVer, test_version:\"8.3.342.4\") ||\n version_in_range(version:exeVer, test_version:\"14.2\", test_version2:\"14.2.390.2\") ||\n version_in_range(version:exeVer, test_version:\"14.3\", test_version2:\"14.3.174\") ||\n version_in_range(version:exeVer, test_version:\"15.0.770\", test_version2:\"15.0.775.40\") ||\n version_in_range(version:exeVer, test_version:\"15.0.710\", test_version2:\"15.0.712.30\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-08T14:03:05", "description": "This host is missing a critical security update according to Microsoft\nBulletin MS13-105.", "cvss3": {}, "published": "2013-12-11T00:00:00", "type": "openvas", "title": "MS Exchange Server Remote Code Execution Vulnerabilities (2915705)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1330", "CVE-2013-5763", "CVE-2013-5791", "CVE-2013-5072"], "modified": "2019-12-20T00:00:00", "id": "OPENVAS:1361412562310903418", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903418", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# MS Exchange Server Remote Code Execution Vulnerabilities (2915705)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903418\");\n script_version(\"2019-12-20T12:48:41+0000\");\n script_cve_id(\"CVE-2013-1330\", \"CVE-2013-5072\", \"CVE-2013-5763\", \"CVE-2013-5791\");\n script_bugtraq_id(62221, 64085, 63741, 63076);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 12:48:41 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-12-11 10:09:38 +0530 (Wed, 11 Dec 2013)\");\n script_name(\"MS Exchange Server Remote Code Execution Vulnerabilities (2915705)\");\n\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security update according to Microsoft\nBulletin MS13-105.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - An unspecified error in the Outlook Web Access (OWA) service account.\n\n - Certain unspecified input is not properly sanitised before being returned\n to the user.\");\n script_tag(name:\"affected\", value:\"- Microsoft Exchange Server 2013\n\n - Microsoft Exchange Server 2007 Service Pack 3\n\n - Microsoft Exchange Server 2010 Service Pack 2\n\n - Microsoft Exchange Server 2010 Service Pack 3\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker to run arbitrary code and\nexecute arbitrary HTML and script code in a user's browser session in context\nof an affected site.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1029329\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2903911\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2903903\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2905616\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2880833\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1029459\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms13-105\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!registry_key_exists(key:\"SOFTWARE\\Microsoft\\Exchange\") &&\n !registry_key_exists(key:\"SOFTWARE\\Microsoft\\ExchangeServer\")){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\";\nforeach version (make_list(\"Microsoft Exchange v14\", \"Microsoft Exchange\", \"Microsoft Exchange v15\"))\n{\n exchangePath = registry_get_sz(key: key + version, item:\"InstallLocation\");\n\n if(exchangePath)\n {\n exeVer = fetch_file_version(sysPath:exchangePath,\n file_name:\"Bin\\ExSetup.exe\");\n\n if(exeVer)\n {\n ## Exchange Server 2007 Service Pack 3 (08.03.0342.004)\n ## Exchange Server 2010 Service Pack 2 (14.02.0390.003)\n ## Exchange Server 2010 Service Pack 3 (14.03.174.001)\n ## Security Update For Exchange Server 2013 CU2 (15.00.0712.031)\n ## Security Update For Exchange Server 2013 CU3 (15.00.0775.041)\n if(version_is_less(version:exeVer, test_version:\"8.3.342.4\") ||\n version_in_range(version:exeVer, test_version:\"14.2\", test_version2:\"14.2.390.2\") ||\n version_in_range(version:exeVer, test_version:\"14.3\", test_version2:\"14.3.174\") ||\n version_in_range(version:exeVer, test_version:\"15.0.770\", test_version2:\"15.0.775.40\") ||\n version_in_range(version:exeVer, test_version:\"15.0.710\", test_version2:\"15.0.712.30\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-02-09T14:36:53", "description": "Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability,\" a different vulnerability than CVE-2013-3848, CVE-2013-3849, and CVE-2013-3858.", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3847", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3858"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:sharepoint_services:2.0", "cpe:/a:microsoft:sharepoint_portal_server:2003", "cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:word:2010", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:word:2003", "cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_services:3.0"], "id": "CVE-2013-3847", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3847", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:36:52", "description": "Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability,\" a different vulnerability than CVE-2013-3847, CVE-2013-3849, and CVE-2013-3858.", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3848", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3858"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:word:2010", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:word:2003", "cpe:/a:microsoft:office_web_apps:2010"], "id": "CVE-2013-3848", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3848", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:36:53", "description": "Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability,\" a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3858.", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3849", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3858"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:word:2003", "cpe:/a:microsoft:word:2010"], "id": "CVE-2013-3849", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3849", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:36:53", "description": "Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability,\" a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849.", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3858", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3847", "CVE-2013-3848", "CVE-2013-3849", "CVE-2013-3858"], "modified": "2018-10-12T22:05:00", "cpe": ["cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:word:2003", "cpe:/a:microsoft:word:2010"], "id": "CVE-2013-3858", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3858", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:31:53", "description": "The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka \"MAC Disabled Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-1330", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1330"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:sharepoint_services:2.0", "cpe:/a:microsoft:sharepoint_portal_server:2003", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_server:2007", "cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_services:3.0"], "id": "CVE-2013-1330", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1330", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:31:50", "description": "Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-1315", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1315"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:sharepoint_services:2.0", "cpe:/a:microsoft:sharepoint_portal_server:2003", "cpe:/a:microsoft:excel:2010", "cpe:/a:microsoft:office:2011", "cpe:/a:microsoft:excel:2007", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_server:2007", "cpe:/a:microsoft:excel:2003", "cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:excel_2013_rt:-", "cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_services:3.0", "cpe:/a:microsoft:excel_viewer:*", "cpe:/a:microsoft:excel:2013"], "id": "CVE-2013-1315", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1315", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:excel_2013_rt:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:36:54", "description": "Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3857", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3857"], "modified": "2018-10-12T22:05:00", "cpe": ["cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:word:2003", "cpe:/a:microsoft:word:2010"], "id": "CVE-2013-3857", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3857", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:35:28", "description": "Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka \"SharePoint XSS Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3179", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3179"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_services:3.0", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_server:2007"], "id": "CVE-2013-3179", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3179", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:29:08", "description": "Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka \"SharePoint Denial of Service Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-0081", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0081"], "modified": "2018-10-12T22:03:00", "cpe": ["cpe:/a:microsoft:sharepoint_services:2.0", "cpe:/a:microsoft:sharepoint_portal_server:2003", "cpe:/a:microsoft:sharepoint_server:2013", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_server:2007", "cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_services:3.0"], "id": "CVE-2013-0081", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0081", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_portal_server:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2013:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:35:28", "description": "Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka \"POST XSS Vulnerability.\"", "cvss3": {}, "published": "2013-09-11T14:03:00", "type": "cve", "title": "CVE-2013-3180", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3180"], "modified": "2018-10-12T22:04:00", "cpe": ["cpe:/a:microsoft:sharepoint_foundation:2010", "cpe:/a:microsoft:sharepoint_server:2010"], "id": "CVE-2013-3180", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3180", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2021-06-08T19:07:48", "description": "Memory corruption on Outlook S/MIME parsing. Information leakage, multiple memory corruptions.", "cvss3": {}, "published": "2013-09-11T00:00:00", "type": "securityvulns", "title": "Microsoft Office multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-3847", "CVE-2013-3849", "CVE-2013-3851", "CVE-2013-3852", "CVE-2013-3850", "CVE-2013-3857", "CVE-2013-3848", "CVE-2013-3870", "CVE-2013-3157", "CVE-2013-3854", "CVE-2013-3159", "CVE-2013-3859", "CVE-2013-3855", "CVE-2013-3856", "CVE-2013-3158", "CVE-2013-3156", "CVE-2013-3853", "CVE-2013-3858", "CVE-2013-3160", "CVE-2013-1315", "CVE-2013-3155"], "modified": "2013-09-11T00:00:00", "id": "SECURITYVULNS:VULN:13276", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13276", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:55:38", "description": "Machine authentication check code execution, crossite scripting, Oracle components code execution.", "cvss3": {}, "published": "2013-12-16T00:00:00", "type": "securityvulns", "title": "Microsoft Exchange Server multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-1330", "CVE-2013-5763", "CVE-2013-5791", "CVE-2013-5072"], "modified": "2013-12-16T00:00:00", "id": "SECURITYVULNS:VULN:13455", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13455", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:40:47", "description": "BUGTRAQ ID: 62221\r\nCVE(CAN) ID: CVE-2013-1330\r\n\r\nSharePoint Server\u662f\u4e00\u4e2a\u670d\u52a1\u5668\u529f\u80fd\u96c6\u6210\u5957\u4ef6\uff0c\u63d0\u4f9b\u5168\u9762\u7684\u5185\u5bb9\u7ba1\u7406\u548c\u4f01\u4e1a\u641c\u7d22\uff0c\u52a0\u901f\u5171\u4eab\u4e1a\u52a1\u6d41\u7a0b\u5e76\u7b80\u5316\u8de8\u754c\u9650\u4fe1\u606f\u5171\u4eab\u3002\r\n\r\nSharePoint Server\u5904\u7406\u672a\u5206\u914d\u5de5\u4f5c\u6d41\u65f6MAC\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u53ef\u4f7f\u8fdc\u7a0b\u653b\u51fb\u8005\u5728W3WP\u670d\u52a1\u5e10\u53f7\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nMicrosoft SharePoint Server 2010 SP1\r\nMicrosoft SharePoint Foundation 2010 SP1\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08ms13-067\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nms13-067\uff1aVulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/ms13-067", "cvss3": {}, "published": "2013-09-13T00:00:00", "title": "Microsoft SharePoint\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e(CVE-2013-1330)(MS13-067)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-1330"], "modified": "2013-09-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60999", "id": "SSV:60999", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:40:37", "description": "BUGTRAQ ID: 62167\r\nCVE(CAN) ID: CVE-2013-1315\r\n\r\nExcel\u662f\u5fae\u8f6f\u516c\u53f8\u7684\u529e\u516c\u8f6f\u4ef6\u7684\u8bd5\u7b97\u8868\u8f6f\u4ef6\u7ec4\u4ef6\u3002\r\n\r\nMicrosoft Excel \u5206\u6790 Excel \u6587\u4ef6\u4e2d\u7684\u5185\u5bb9\u7684\u65b9\u5f0f\u4e2d\u5b58\u5728\u4e00\u4e2a\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\u3002\u6210\u529f\u5229\u7528\u6b64\u6f0f\u6d1e\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u3002\r\n0\r\nMicrosoft Office 2013\r\nMicrosoft Office 2010\r\nMicrosoft Office 2007\r\nMicrosoft Office 2003\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5982\u679c\u60a8\u4e0d\u80fd\u7acb\u523b\u5b89\u88c5\u8865\u4e01\u6216\u8005\u5347\u7ea7\uff0cSebug\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n*\u4f7f\u7528 Microsoft Office \u6587\u4ef6\u963b\u6b62\u7b56\u7565\u7981\u6b62\u6253\u5f00 Excel \u4e8c\u8fdb\u5236\u6587\u4ef6\r\n*\u4e0d\u8981\u6253\u5f00\u4ece\u4e0d\u53d7\u4fe1\u4efb\u6765\u6e90\u6216\u4ece\u53d7\u4fe1\u4efb\u6765\u6e90\u610f\u5916\u6536\u5230\u7684 Office \u6587\u4ef6\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS13-073\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS13-073\uff1aVulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2858300)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS13-073", "cvss3": {}, "published": "2013-09-13T00:00:00", "title": "Microsoft Excel\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2013-1315)(MS13-073)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-1315"], "modified": "2013-09-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61002", "id": "SSV:61002", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:40:42", "description": "BUGTRAQ ID: 62226\r\nCVE(CAN) ID: CVE-2013-3858\r\n\r\nMicrosoft Word \u5c5e\u4e8e\u529e\u516c\u8f6f\u4ef6\u662f\u5fae\u8f6f\u516c\u53f8\u7684\u4e00\u4e2a\u6587\u5b57\u5904\u7406\u5668\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\n\u53d7\u5f71\u54cd\u7684 Microsoft Office \u8f6f\u4ef6\u5206\u6790\u7279\u5236\u6587\u4ef6\u7684\u65b9\u5f0f\u4e2d\u5b58\u5728\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u6f0f\u6d1e\u3002\u6210\u529f\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u3002\u653b\u51fb\u8005\u53ef\u968f\u540e\u5b89\u88c5\u7a0b\u5e8f\uff1b\u67e5\u770b\u3001\u66f4\u6539\u6216\u5220\u9664\u6570\u636e\uff1b\u6216\u8005\u521b\u5efa\u62e5\u6709\u5b8c\u5168\u7528\u6237\u6743\u9650\u7684\u65b0\u5e10\u6237\u3002\r\n0\r\nMicrosoft Office 2010\r\nMicrosoft Office 2007\r\nMicrosoft Office 2003\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u5b89\u88c5\u548c\u914d\u7f6e MOICE \u4ee5 \u6210\u4e3a .doc \u6587\u4ef6\u7684\u6ce8\u518c\u5904\u7406\u7a0b\u5e8f\r\n* \u4f7f\u7528 Microsoft Office \u6587\u4ef6\u963b\u6b62\u7b56\u7565\u7981\u6b62\u6253\u5f00 .doc \u548c .dot \u4e8c\u8fdb\u5236\u6587\u4ef6\r\n* \u4e0d\u8981\u6253\u5f00\u4ece\u4e0d\u53d7\u4fe1\u4efb\u6765\u6e90\u6216\u4ece\u53d7\u4fe1\u4efb\u6765\u6e90\u610f\u5916\u6536\u5230\u7684 Office \u6587\u4ef6\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS13-072\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS13-072\uff1aVulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS13-072", "published": "2013-09-13T00:00:00", "title": "Microsoft Word\u8fdc\u7a0b\u5185\u5b58\u7834\u574f\u6f0f\u6d1e(CVE-2013-3858)(MS13-072)", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-3858"], "modified": "2013-09-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61001", "id": "SSV:61001", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "symantec": [{"lastseen": "2021-06-08T19:04:03", "description": "### Description\n\nMicrosoft SharePoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the guest account on the SharePoint server. Failed exploit attempts will result in a denial-of-service condition.\n\n### Technologies Affected\n\n * Microsoft Excel Web App 2010 Service Pack 1 \n * Microsoft Excel Web App 2010 Service Pack 2 \n * Microsoft Exchange Server 2007 SP3 \n * Microsoft Exchange Server 2010 SP2 \n * Microsoft Exchange Server 2010 SP3 \n * Microsoft Exchange Server 2013 Cumulative Update 1 \n * Microsoft Exchange Server 2013 Cumulative Update 2 \n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Foundation 2010 SP2 \n * Microsoft SharePoint Portal Server 2003 SP3 \n * Microsoft SharePoint Server 2007 for 32-bit SP3 \n * Microsoft SharePoint Server 2007 for 64-bit SP3 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft Windows SharePoint Services 2.0 \n * Microsoft Windows SharePoint Services for 32-bit 3.0 SP3 \n * Microsoft Windows SharePoint Services for 64-bit 3.0 SP3 \n * Microsoft Word Web App 2010 Service Pack 1 \n * Microsoft Word Web App 2010 Service Pack 2 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, block access at the network perimeter to computers hosting the vulnerable application.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo limit the potential damage that a successful exploit may achieve, run all nonadministrative software as a regular user with the least amount of privileges required to successfully operate.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Implement multiple redundant layers of security.** \nSince these issues may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2013-1330 Remote Code Execution Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-1330"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62221", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62221", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:04:44", "description": "### Description\n\nMicrosoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office SharePoint Server 2010 SP1 \n * Microsoft Office Web Apps 2010 \n * Microsoft Word 2003 SP1 \n * Microsoft Word 2003 SP2 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP1 \n * Microsoft Word 2007 SP2 \n * Microsoft Word 2007 SP3 \n * Microsoft Word 2010 Service Pack 1 32-bit editions \n * Microsoft Word 2010 Service Pack 1 64-bit editions \n * Microsoft Word Viewer \n * Microsoft Word Web App 2010 Service Pack 1 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo mitigate the impact of a successful exploit, run the affected application as a user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nNever accept files from untrusted or unknown sources, because they may be malicious in nature. Avoid opening email attachments from unknown or questionable sources.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploit attempts of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Word CVE-2013-3849 Remote Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3849"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62169", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62169", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:59", "description": "### Description\n\nMicrosoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Excel 2003 SP3 \n * Microsoft Excel 2007 SP3 \n * Microsoft Excel 2010 SP1 (32-bit editions) \n * Microsoft Excel 2010 SP1 (64-bit editions) \n * Microsoft Excel 2010 SP2 (32-bit editions) \n * Microsoft Excel 2010 SP2 (64-bit editions) \n * Microsoft Excel 2013 (32-bit editions) \n * Microsoft Excel 2013 (64-bit editions) \n * Microsoft Excel 2013 RT \n * Microsoft Excel Viewer \n * Microsoft Excel Web App 2010 Service Pack 1 \n * Microsoft Excel Web App 2010 Service Pack 2 \n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office for Mac 2011 \n * Microsoft SharePoint Server 2007 for 32-bit SP3 \n * Microsoft SharePoint Server 2007 for 64-bit SP3 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft Word Web App 2010 Service Pack 1 \n * Microsoft Word Web App 2010 Service Pack 2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Excel CVE-2013-1315 Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-1315"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62167", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62167", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:04:44", "description": "### Description\n\nMicrosoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office Web Apps 2010 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft Word 2003 SP1 \n * Microsoft Word 2003 SP2 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP1 \n * Microsoft Word 2007 SP2 \n * Microsoft Word 2007 SP3 \n * Microsoft Word 2010 Service Pack 1 32-bit editions \n * Microsoft Word 2010 Service Pack 1 64-bit editions \n * Microsoft Word 2010 Service Pack 2 (32-bit editions) \n * Microsoft Word Viewer \n * Microsoft Word Web App 2010 Service Pack 1 \n * Microsoft Word Web App 2010 Service Pack 2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo mitigate the impact of a successful exploit, run the affected application as a user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nNever accept files from untrusted or unknown sources, because they may be malicious in nature. Avoid opening email attachments from unknown or questionable sources.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploit attempts of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Word CVE-2013-3857 Remote Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3857"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62224", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62224", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:04:53", "description": "### Description\n\nMicrosoft SharePoint is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible.\n\n### Technologies Affected\n\n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Foundation 2010 SP2 \n * Microsoft SharePoint Foundation 2013 \n * Microsoft SharePoint Server 2007 for 32-bit SP3 \n * Microsoft SharePoint Server 2007 for 64-bit SP3 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft SharePoint Server 2013 \n * Microsoft Windows SharePoint Services for 32-bit 3.0 SP3 \n * Microsoft Windows SharePoint Services for 64-bit 3.0 SP3 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nAttackers may successfully exploit client flaws in the browser through cross-site scripting vulnerabilities. When possible, run client software as regular user accounts with limited access to system resources. This may limit the immediate consequences of client-side vulnerabilities. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to websites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users. \n\n**Set web browser security to disable the execution of script code or active content.** \nSince exploiting cross-site scripting issues often requires malicious script code to run in browsers, consider disabling script code and active content support within a client browser as a way to prevent a successful exploit. Note that this mitigation tactic might adversely affect legitimate sites that rely on the execution of browser-based script code. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2013-3179 Multiple HTML Injection Vulnerabilities", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3179"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62227", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62227", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T19:04:45", "description": "### Description\n\nMicrosoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office Web Apps 2010 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft Word 2003 SP1 \n * Microsoft Word 2003 SP2 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP1 \n * Microsoft Word 2007 SP2 \n * Microsoft Word 2007 SP3 \n * Microsoft Word 2010 Service Pack 1 32-bit editions \n * Microsoft Word 2010 Service Pack 1 64-bit editions \n * Microsoft Word Viewer \n * Microsoft Word Web App 2010 Service Pack 1 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo mitigate the impact of a successful exploit, run the affected application as a user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nNever accept files from untrusted or unknown sources, because they may be malicious in nature. Avoid opening email attachments from unknown or questionable sources.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploit attempts of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Word CVE-2013-3858 Remote Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3858"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62226", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62226", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:04:54", "description": "### Description\n\nMicrosoft SharePoint is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive, denying service to legitimate users.\n\n### Technologies Affected\n\n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Foundation 2010 SP2 \n * Microsoft SharePoint Foundation 2013 \n * Microsoft SharePoint Portal Server 2003 SP3 \n * Microsoft SharePoint Server 2007 for 32-bit SP3 \n * Microsoft SharePoint Server 2007 for 64-bit SP3 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft SharePoint Server 2013 \n * Microsoft Windows SharePoint Services 2.0 \n * Microsoft Windows SharePoint Services for 32-bit 3.0 SP3 \n * Microsoft Windows SharePoint Services for 64-bit 3.0 SP3 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2013-0081 Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-0081"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62205", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62205", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:04:45", "description": "### Description\n\nMicrosoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office Web Apps 2010 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft Word 2003 SP1 \n * Microsoft Word 2003 SP2 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP1 \n * Microsoft Word 2007 SP2 \n * Microsoft Word 2007 SP3 \n * Microsoft Word 2010 Service Pack 1 32-bit editions \n * Microsoft Word 2010 Service Pack 1 64-bit editions \n * Microsoft Word Viewer \n * Microsoft Word Web App 2010 Service Pack 1 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo mitigate the impact of a successful exploit, run the affected application as a user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nNever accept files from untrusted or unknown sources, because they may be malicious in nature. Avoid opening email attachments from unknown or questionable sources.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploit attempts of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Word CVE-2013-3848 Remote Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3848"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62168", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62168", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:04:44", "description": "### Description\n\nMicrosoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Office Web Apps 2010 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft Word 2003 SP1 \n * Microsoft Word 2003 SP2 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP1 \n * Microsoft Word 2007 SP2 \n * Microsoft Word 2007 SP3 \n * Microsoft Word 2010 Service Pack 1 32-bit editions \n * Microsoft Word 2010 Service Pack 1 64-bit editions \n * Microsoft Word Viewer \n * Microsoft Word Web App 2010 Service Pack 1 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo mitigate the impact of a successful exploit, run the affected application as a user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nNever accept files from untrusted or unknown sources, because they may be malicious in nature. Avoid opening email attachments from unknown or questionable sources.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploit attempts of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft Word CVE-2013-3847 Remote Memory Corruption Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3847"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62165", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62165", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:04:53", "description": "### Description\n\nMicrosoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to perform unauthorized actions such as reading, modifying, or deleting content on behalf of the victim on the SharePoint site.\n\n### Technologies Affected\n\n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Foundation 2010 SP2 \n * Microsoft SharePoint Foundation 2013 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 SP2 \n * Microsoft SharePoint Server 2013 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nAttackers may successfully exploit client flaws in the browser through cross-site scripting vulnerabilities. When possible, run client software as regular user accounts with limited access to system resources. This may limit the immediate consequences of client-side vulnerabilities. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to websites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users. \n\n**Set web browser security to disable the execution of script code or active content.** \nSince exploiting cross-site scripting issues often requires malicious script code to run in browsers, consider disabling script code and active content support within a client browser as a way to prevent a successful exploit. Note that this mitigation tactic might adversely affect legitimate sites that rely on the execution of browser-based script code. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2013-3180 Cross Site Scripting Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2013-3180"], "modified": "2013-09-10T00:00:00", "id": "SMNTC-62254", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/62254", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "checkpoint_advisories": [{"lastseen": "2022-11-28T06:59:57", "description": "A remote code execution vulnerability exists in Microsoft SharePoint Server.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint Server MAC Disabled Remote Code Execution (MS13-067; CVE-2013-1330)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-1330"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2919", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:01:00", "description": "A remote code execution vulnerability exists in the way that Microsoft Excel parses content in Excel files.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Excel Memory Corruption (MS13-067; CVE-2013-1315)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-1315"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2915", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:02:04", "description": "A denial of service vulnerability exists in Microsoft SharePoint Server.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint W3WP Denial of Service (MS13-067; CVE-2013-0081)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-0081"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2910", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:03:18", "description": "A remote code execution vulnerability has been reported in Microsoft Word.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Word Memory Corruption (MS13-072: CVE-2013-3848)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-3848"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2929", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:03:23", "description": "An elevation of privilege exists in Microsoft SharePoint Server.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint POST Cross-site Scripting (MS13-067; CVE-2013-3180)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-3180"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-2907", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "threatpost": [{"lastseen": "2018-10-06T23:00:10", "description": "It\u2019s no secret that putting SharePoint installations online and making them accessible without authentication is standard practice in many organizations. Those SharePoint administrators, however, may want to rethink their policies after [today\u2019s Microsoft Patch Tuesday security bulletins release](<http://technet.microsoft.com/en-us/security/bulletin/ms13-sep>).\n\nMicrosoft patched 10 critical SharePoint vulnerabilities today, one of four critical bulletins released by Microsoft\u2014among 13 in all, patching 47 vulnerabilities across a number of product lines. Details of one of the SharePoint bugs\u2014a POST cross-site scripting flaw\u2014have already been publicly disclosed, and all of the vulnerabilities can lead to remote code execution on the collaboration server.\n\nMicrosoft SharePoint Server 2007 and 2010 are affected, according to bulletin [MS13-067](<http://technet.microsoft.com/en-us/security/bulletin/ms13-067>), as are Microsoft SharePoint Services 2.0 and 3.0, and Microsoft SharePoint Foundation 2010. The most critical is CVE-2013-1330, a remote code execution bug that could give an attacker privileges in the context of the W3WP service account. While the bug requires authentication, any SharePoint server that has disabled it is vulnerable to exploit without user interaction.\n\n\u201cIt\u2019s interesting that Microsoft prioritized the SharePoint bulletin as highly as they did. In theory, the vulnerability requires authentication. Given the frequency with which people disable SharePoint authentication and the ease of access to documentation on that process, the priority needs to be that high,\u201d said Tyler Reguly, technical manager of security research and development at Tripwire. \u201cPeople know their computers and email need good passwords. It boggles my mind that we see so many SharePoint deployments in anonymous mode.\u201d\n\nMicrosoft is also patching denial of service, memory corruption and cross-site scripting vulnerabilities in SharePoint. Attackers can tamper with ViewState data and crash a SharePoint server that is running without authentication, or gain code execution by sending malicious ViewState data.\n\n\u201cBy default, the pages require authentication, which limits the attack vector,\u201d said Qualys CTO Wolfgang Kandek. \u201cIf you have reconfigured authentication, this bulletin should be high on your list.\u201d\n\nPlenty of angst was shared following [last week\u2019s advance notification of today\u2019s patches](<http://threatpost.com/critical-office-sharepoint-patches-await-september-patch-tuesday-release-2/102205>) regarding a bug in Outlook that was exploitable by merely previewing an email message. Microsoft still rated [MS13-068](<http://technet.microsoft.com/en-us/security/bulletin/ms13-068>) critical, but defused a lot of worry over its potential for exploit, explaining that the flaw would difficult if not impossible to trigger.\n\n\u201cIn fact, we\u2019re not certain that the issue is exploitable at all, but out of an abundance of caution and because attack technology improves over time, we are issuing the security update today,\u201d said Jinwook Shin of the Microsoft Security Resource Center.\n\nThe bug is a message certificate vulnerability, which exists in the way Outlook 2007 and 2010 parses S/MIME messages, Microsoft said. Shin called it a double free vulnerability in a [blogpost](<http://blogs.technet.com/b/srd/archive/2013/09/10/ms13-068-a-difficult-to-exploit-double-free-in-outlook.aspx>) and explained that the conditions for exploit are not always met.\n\n\u201cAn attacker can exploit the certificate parsing algorithm by signing an e-mail and nesting over 256 certificates in the signature,\u201d Qualys\u2019 Kandek said. \u201cThe attack causes a buffer overflow, even if just visualized in Outlook\u2019s preview pane.\u201d\n\nMicrosoft also released another cumulative security update for Internet Explorer. Bulletin [MS13-069](<https://technet.microsoft.com/en-us/security/bulletin/ms13-069>) patches 10 vulnerabilities that can be triggered by visiting malicious sites; IE 6-10 are impacted by the numerous memory corruption vulnerabilities.\n\nThe final critical vulnerability, [MS13-070](<https://technet.microsoft.com/en-us/security/bulletin/ms13-070>), is in Windows, specifically in OLE that allows remote code execution if a file with a malicious OLE object is opened. The bulletin, however, is limited to Windows XP and Windows Server 2003, both of which will no longer be supported after April 2014.\n\n\u201cMS13-070 is concerning because it only applies to XP and Server 2003 and those vulnerabilities tend to be less \u2018contained\u2019 than more mature versions of Windows,\u201d said Rapid7 senior manager of security engineering Ross Barrett. \u201cXP and Office 2003 have shown no let-up in patching frequency, despite the end of support for XP looming just around the corner in April 2014. April will be here before we know it, and who knows what patches will never make it out the door, let alone be found after that date in one of the world\u2019s most widely deployed operating systems.\u201d\n\nThe remaining bulletins were rated Important by Microsoft:\n\n * [MS13-071](<https://technet.microsoft.com/en-us/security/bulletin/ms13-071>) is a remote code execution bug in Windows Theme File executed when a user is tricked into applying a malicious these on their system.\n * [MS13-072](<https://technet.microsoft.com/en-us/security/bulletin/ms13-072>) patches 13 vulnerabilities in Microsoft Word and [MS 13-073](<https://technet.microsoft.com/en-us/security/bulletin/ms13-073>) is another Office patch, this one in Excel, both of which could lead to remote code execution. Kandek said: \u201cTo exploit these, an attacker needs to entice the target to open a malicious file, most likely through a spear phishing type of e-mail. Microsoft only rates these vulnerabilities as \u2018important\u2019 because they require the target to cooperate. However, attackers have proven time and again that they have the necessary social engineering techniques to overcome that obstacle with ease.\u201d\n * [MS13-074](<https://technet.microsoft.com/en-us/security/bulletin/ms13-074>) repairs three vulnerabilities in the Microsoft Access database that could give an attacker remote code execution capabilities if a user opens a malicious file\n * [MS13-075](<https://technet.microsoft.com/en-us/security/bulletin/ms13-075>) patches a vulnerability in Microsoft Office IME (Chinese) that could give an attacker elevated privileges on a compromised machine. The attacker would have to be logged on and launch IE from the toolbar in Microsoft Pinyin IME for Chinese.\n * [MS13-076](<https://technet.microsoft.com/en-us/security/bulletin/ms13-076>) addresses a Windows vulnerability in Kernel-Mode drivers that enables elevation of privileges.\n * [MS13-077](<https://technet.microsoft.com/en-us/security/bulletin/ms13-077>) patches a Window bug in the Windows Service Control Manager that leads to privilege escalation.\n * [MS13-078](<https://technet.microsoft.com/en-us/security/bulletin/ms13-078>) fixes an information disclosure vulnerability in Microsoft FrontPage.\n * [MS13-079](<https://technet.microsoft.com/en-us/security/bulletin/ms13-079>) patches a denial of service vulnerability in Active Directory.\n", "cvss3": {}, "published": "2013-09-10T14:51:14", "type": "threatpost", "title": "SharePoint Fixes Priority for September 2013 Patch Tuesday", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2013-1330", "CVE-2017-11882"], "modified": "2013-09-13T16:37:51", "id": "THREATPOST:0C5877DE6DD50B0CB309505FAE7076AC", "href": "https://threatpost.com/critical-sharepoint-bulletin-top-priority-on-patch-tuesday/102246/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}