MS13-013: Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242)
Medium Nessus Plugin ID 64574
SynopsisThe remote Windows host is affected by multiple code execution vulnerabilities.
DescriptionThe remote host is using a vulnerable version of FAST Search Server 2010 for SharePoint. When the Advanced Filter Pack is enabled, vulnerable versions of the Oracle Outside In libraries are used to parse files. An attacker could exploit this by uploading a malicious file to a site using FAST Search to index, which could result in arbitrary code execution.
SolutionMicrosoft has released a set of patches for FAST Search Server 2010.