Microsoft Exchange and FAST Search Server 2010 for SharePoint Mulitple Vulnerabilities
Last Update Date:
25 Jul 2012 14:57
Release Date:
25 Jul 2012
4901
Views
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in Microsoft Exchange and FAST Search Server 2010 for SharePoint shipped with third-party component, Oracle Outside In libraries, which can be exploited by malicious people to take control of the server process that is parsing a specially crafted file.
Impact
- Remote Code Execution
System / Technologies affected
- Microsoft Exchange Server 2007
- Microsoft Exchange Server 2010
- Microsoft SharePoint Server 2010
- FAST Search Server 2010 for SharePoint
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Workarounds:
- Disable transcoding service
- Disable the Advanced Filter Pack
Vulnerability Identifier
- CVE-2012-1766
- CVE-2012-1767
- CVE-2012-1768
- CVE-2012-1769
- CVE-2012-1770
- CVE-2012-1771
- CVE-2012-1772
- CVE-2012-1773
- CVE-2012-3106
- CVE-2012-3107
- CVE-2012-3108
- CVE-2012-3109
- CVE-2012-3110
Source
Related Link
Share with