Home / bulletins

MS10-104 - Important: Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005) - Version:1.0

Posted on 14 December 2010

Important

Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft SharePoint. The vulnerability could allow remote code execution in the security context of a guest user if an attacker sent a specially crafted SOAP request to the Document Conversions Launcher Service in a SharePoint server environment that is using the Document Conversions Load Balancer Service. By default, the Document Conversions Load Balancer Service and Document Conversions Launcher Service are not enabled in Microsoft Office SharePoint Server 2007.

Link

 

TOP