[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Multiple remote code execution vulnerabilities in Microsoft Exchange Server via WebReady Document Viewing feature - MS12-058

ID: oval:org.secpod.oval:def:6706Date: (C)2012-08-16   (M)2022-04-14
Class: PATCHFamily: windows




The host is missing a critical security update according to Microsoft security bulletin, MS12-058. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation could allow attackers to execute arbitrary code.

Platform:
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product:
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Reference:
MS12-058
CVE-2012-1766
CVE-2012-1767
CVE-2012-1768
CVE-2012-1769
CVE-2012-1770
CVE-2012-1771
CVE-2012-1772
CVE-2012-1773
CVE-2012-3106
CVE-2012-3107
CVE-2012-3108
CVE-2012-3109
CVE-2012-3110
CVE    13
CVE-2012-1770
CVE-2012-1771
CVE-2012-1772
CVE-2012-1773
...
CPE    4
cpe:/a:microsoft:exchange_server:2007:sp3
cpe:/a:microsoft:exchange:2010
cpe:/a:microsoft:exchange:2010:sp1
cpe:/a:microsoft:exchange:2010:sp2
...
XCCDF    5
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-server-2008-r2
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2008-r2
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
...

© SecPod Technologies