(MS12-067) Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)

  Severity: HIGH
  CVE Identifier: CVE-2012-1766,CVE-2012-1767,CVE-2012-1768,CVE-2012-1769,CVE-2012-1770,CVE-2012-1771,CVE-2012-1772,CVE-2012-1773,CVE-2012-3106,CVE-2012-3107,CVE-2012-3108,CVE-2012-3109,CVE-2012-3110
  Advisory Date: NOV 07, 2012

  DESCRIPTION

This patch addresses vulnerabilities existing in Microsoft FAST Search Server 2010 for SharePoint. When exploited, it could allow remote code execution in the security context (user accounts) with a token. Note that FAST Search Server for SharePoint is affected if the Advanced Filter Pack is enabled.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Microsoft FAST Search Server 2010 for SharePoint Service Pack 1

Featured Stories