Summary
This host is missing a critical security update according to Microsoft Bulletin MS10-104
Impact
Successful exploitation could allow attackers to execute arbitrary code in the security context of a guest account.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS10-104.mspx
Insight
The flaws are due an error in the 'Document Conversions Launcher Service' when handling specially crafted 'Simple Object Access Protocol (SOAP)' requests in a SharePoint server environment that is using the Document Conversions Load Balancer Service.
Affected
Microsoft Office SharePoint Server 2007 Service Pack 2
References
Severity
Classification
-
CVE CVE-2010-3964 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability (942615)
- Buffer Overrun In HTML Converter Could Allow Code Execution (823559)
- Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
- Microsoft DirectShow Remote Code Execution Vulnerability (2845187)
- Cumulative Security Update for Internet Explorer (950759)