Detections
Analytics

MS12-080: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2784126)

low Nessus Plugin ID 63227

Language:

Synopsis

The remote mail server has multiple vulnerabilities.

Description

The version of Microsoft Exchange installed on the remote host has the following vulnerabilities :

 - Multiple code execution vulnerabilities in the Oracle Outside In libraries, used by the WebReady Document Viewing feature of Outlook Web App (OWA). An attacker could exploit this by sending a malicious email attachment to a user who views it in OWA, resulting in arbitrary code execution as LocalService.
 (CVE-2012-3214, CVE-2012-3217)

 - A denial of service caused by Exchange improperly handling RSS feeds. An attacker with a valid email account on the Exchange server could create a specially crafted RSS feed, which could cause the system to become unresponsive and result in data corruption. (CVE-2012-4791)

Solution

Microsoft has released a set of patches for Exchange 2007 and 2010.

See Also

http://www.nessus.org/u?87547c81

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-080

Plugin Details

Severity: Low

ID: 63227

File Name: smb_nt_ms12-080.nasl

Version: 1.14

Type: local

Agent: windows

Published: 12/11/2012

Updated: 12/4/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.6

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P

CVSS Score Source: CVE-2012-4791

Vulnerability Information

CPE: cpe:/a:microsoft:exchange_server

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 12/11/2012

Vulnerability Publication Date: 10/16/2012

Reference Information

CVE: CVE-2012-3214, CVE-2012-3217, CVE-2012-4791

BID: 55977, 55993, 56836

MSFT: MS12-080

MSKB: 2746157, 2785908, 2787763