SecurityHome.eu MS12-058 - Critical : Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)

Home / bulletins

MS12-058 - Critical : Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358) - Version: 2.1
Posted on 11 October 2012
There is an newer version: MS12-058 - Version: 2.2
Critical
Severity Rating: Critical
Revision Note: V2.1 (October 10, 2012): For the rereleased KB2756497, KB2756496, and KB2756485 updates, added an FAQ entry to provide deployment guidance. See the update FAQ for details.
Summary: This security update resolves publicly disclosed vulnerabilities in Microsoft Exchange Server WebReady Document Viewing. The vulnerabilities could allow remote code execution in the security context of the transcoding service on the Exchange server if a user previews a specially crafted file using Outlook Web App (OWA). The transcoding service in Exchange that is used for WebReady Document Viewing is running in the LocalService account. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network.
Link
Other versions
MS12-058 - Version: 1.0
MS12-058 - Version: 2.0
MS12-058 - Version: 2.1
MS12-058 - Version: 2.2

TOP

Bulletins :

Last 20

Exploits :

Last 20