Lucene search
Oleksandr MiroshZDI-10-287HistoryDec 14, 2010 - 12:00 a.m.
Microsoft SharePoint Server Arbitrary File Upload Remote Code Execution Vulnerability
2010-12-1400:00:00
Oleksandr Mirosh
www.zerodayinitiative.com
326
0.971 High
EPSS
Percentile
99.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Sharepoint Server utilizing Microsoft’s Office Document Load Balancer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Office Document Conversions Launcher service and occurs due to insufficient parameter validation on a particular SOAP request. Sucessful exploitation will allow an attacker to upload and execute an arbitrary file on the target server.
Related
cvelist
cvelist
CVE-2010-3964
2010-12-16 19:00:00
cve
cve
CVE-2010-3964
2010-12-16 19:33:03
saint
saint
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
2011-11-23 00:00:00
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
2011-11-23 00:00:00
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
2011-11-23 00:00:00
openvas
openvas
nessus
nessus
packetstorm
packetstorm
Microsoft Office SharePoint Server 2007 Remote Code Execution
2012-07-30 00:00:00
nvd
nvd
CVE-2010-3964
2010-12-16 19:33:03
seebug
seebug
Microsoft SharePoint畸形SOAP请求远程代码执行漏洞(MS10-104)
2010-12-19 00:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
Microsoft Sharepoint code execution
2010-12-15 00:00:00
prion
prion
Unrestricted file upload
2010-12-16 19:33:00