What is CVE-2010-3964?

CVE-2010-3964 is a vulnerability in Microsoft Sharepoint_server. Published 2010-12-16.

Is CVE-2010-3964 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Sharepoint_server

CVE-2010-3964

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrar…

EPSS: 0.906 (99.6th percentile) — read the EPSS interpretation.

Affected products

Microsoft Sharepoint_server — versions 2007
N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

69817 (x_refsource_OSVDB, vdb-entry)
TA10-348A (US Government Resource, x_refsource_CERT, third-party-advisory)
MS10-104 (x_refsource_MS, vendor-advisory)
ADV-2010-3226 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
1024886 (vdb-entry, x_refsource_SECTRACK)
secure@microsoft.com (x_refsource_MISC)
45264 (vdb-entry, x_refsource_BID)
42631 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
oval:org.mitre.oval:def:11737 (x_refsource_OVAL, signature, vdb-entry)

Frequently asked questions

What is CVE-2010-3964?: CVE-2010-3964 is a vulnerability in Microsoft Sharepoint_server. Published 2010-12-16.
Is CVE-2010-3964 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.