(MS12-067) Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
Publish Date: 07 de listopada de 2012
Severity: : High
CVE Identifier: CVE-2012-1766,CVE-2012-1767,CVE-2012-1768,CVE-2012-1769,CVE-2012-1770,CVE-2012-1771,CVE-2012-1772,CVE-2012-1773,CVE-2012-3106,CVE-2012-3107,CVE-2012-3108,CVE-2012-3109,CVE-2012-3110
Advisory Date: 07 de listopada de 2012
DESCRIPTION
This patch addresses vulnerabilities existing in Microsoft FAST Search Server 2010 for SharePoint. When exploited, it could allow remote code execution in the security context (user accounts) with a token. Note that FAST Search Server for SharePoint is affected if the Advanced Filter Pack is enabled.
SOLUTION
AFFECTED SOFTWARE AND VERSION:
- Microsoft FAST Search Server 2010 for SharePoint Service Pack 1