CVE-2010-3964

high Microsoft
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
90.6%
Exploitation probability in 30 days
Top 0% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: December 16, 2010 (5628 days ago)
Last Modified: April 29, 2026
Vendor: Microsoft
Source: NVD

Description

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."

CWE

NVD-CWE-Other

Affected Products

microsoft sharepoint server

References

🔗 osvdb.org 🔗 secunia.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.us-cert.gov