Summary
This host is missing an important security update according to Microsoft Bulletin MS12-067.
Impact
Successful exploitation could run arbitrary code in the context of a user account with a restricted token.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12-067
Insight
The flaws are due to the error in Oracle Outside In libraries, when used by the Advanced Filter Pack while parsing specially crafted files.
Affected
Microsoft FAST Search Server 2010 for SharePoint Service Pack 1
References
Severity
Classification
-
CVE CVE-2012-1766, CVE-2012-1767, CVE-2012-1768, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, CVE-2012-3109, CVE-2012-3110. -
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Microsoft FAST Search Server 2010 SharePoint RCE Vulnerabilities (2784242)
- Microsoft Windows Group Policy Security Feature Bypass Vulnerability (3004361)
- Microsoft Windows ASP.NET Denial of Service Vulnerability(970957)
- Microsoft Windows Error Reporting Security Feature Bypass Vulnerability (3004365)
- MS Exchange Server Remote Code Execution Vulnerabilities (2784126)