Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit)

CVE编号

CVE-2010-3964

利用情况

暂无

补丁情况

N/A

披露时间

2010-12-17

漏洞描述

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."

解决建议

用户可参考如下供应商提供的安全公告获得补丁信息：http://www.microsoft.com/technet/security/bulletin/MS10-104.mspx

参考链接
http://osvdb.org/69817
http://secunia.com/advisories/42631
http://www.securityfocus.com/bid/45264
http://www.securitytracker.com/id?1024886
http://www.us-cert.gov/cas/techalerts/TA10-348A.html
http://www.vupen.com/english/advisories/2010/3226
http://www.zerodayinitiative.com/advisories/ZDI-10-287/
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...

受影响软件情况

#	类型	厂商	产品	版本	影响面
1
	运行在以下环境
	应用	microsoft	sharepoint_server	2007	-

CVSS3评分 7.5

• 攻击路径 网络
• 攻击复杂度 低
• 权限要求 无
• 影响范围 N/A
• 用户交互 无
• 可用性 部分地
• 保密性 部分地
• 完整性 部分地

AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-ID	漏洞类型
NVD-CWE-Other

Exp相关链接

• https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/ms10_104_sharepoint.rb
• https://www.exploit-db.com/exploits/20122

- avd.aliyun.com