Lucene search
RootSSV:20298HistoryDec 19, 2010 - 12:00 a.m.
Microsoft SharePoint畸形SOAP请求远程代码执行漏洞(MS10-104)
2010-12-1900:00:00
Root
www.seebug.org
20
0.971 High
EPSS
Percentile
99.8%
BUGTRAQ ID: 45264
CVE ID: CVE-2010-3964
SharePoint Server是一个服务器功能集成套件,提供全面的内容管理和企业搜索,加速共享业务流程并简化跨界限信息共享。
Sharepoint实现上存在漏洞,远程攻击者可以利用此漏洞通过请求注入命令到服务器上执行。
此漏洞源于处理发送到Document Conversions Launcher服务的SOAP请求时出现验证错误,可通过上传的特制请求导致在受影响的服务器上执行任意命令。
Microsoft SharePoint Server
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS10-104)以及相应补丁:
MS10-104:Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
http://www.microsoft.com/technet/security/bulletin/MS10-104.asp
Related
cvelist
cvelist
CVE-2010-3964
2010-12-16 19:00:00
cve
cve
CVE-2010-3964
2010-12-16 19:33:03
saint
saint
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
2011-11-23 00:00:00
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
2011-11-23 00:00:00
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
2011-11-23 00:00:00
openvas
openvas
nessus
nessus
packetstorm
packetstorm
Microsoft Office SharePoint Server 2007 Remote Code Execution
2012-07-30 00:00:00
nvd
nvd
CVE-2010-3964
2010-12-16 19:33:03
zdi
zdi
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
Microsoft Sharepoint code execution
2010-12-15 00:00:00
prion
prion
Unrestricted file upload
2010-12-16 19:33:00