MS12-080: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2784126)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote mail server has multiple vulnerabilities.

Description :

The version of Microsoft Exchange installed on the remote host has the
following vulnerabilities :

- Multiple code execution vulnerabilities in the Oracle Outside In
libraries, used by the WebReady Document Viewing feature of
Outlook Web App (OWA). An attacker could exploit this by
sending a malicious email attachment to a user who views it in
OWA, resulting in arbitrary code execution as LocalService.
(CVE-2012-3214, CVE-2012-3217)

- A denial of service caused by Exchange improperly handling
RSS feeds. An attacker with a valid email account on the
Exchange server could create a specially crafted RSS feed,
which could cause the system to become unresponsive and
result in data corruption. (CVE-2012-4791)

See also :

http://www.nessus.org/u?9096da89
http://www.nessus.org/u?1cef09be
http://technet.microsoft.com/en-us/security/bulletin/ms12-080

Solution :

Microsoft has released a set of patches for Exchange 2007 and 2010.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 63227

Bugtraq ID: 55977, 55993, 56836

CVE ID: CVE-2012-3214, CVE-2012-3217, CVE-2012-4791