|MS07-018||Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)||Microsoft Content||Critical||11-04-2007|
Brief overview of the risk:
MS07-018 patches two vulnerabilities in Microsoft Content Management Server. One is an integer overflow vulnerability that can result in remote code execution although it is unreliable. The other is an HTTP response splitting vulnerability, which has similar implications to cross-site scripting.
Detailed Information on the risk:
A remote code execution vulnerability exists in Content Management Server because of the way that it handles a specially crafted HTTP request.
An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
A cross-site scripting and spoofing vulnerability exists in Microsoft Content Management Server (MCMS) which could allow an attacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts to exploit this vulnerability require user interaction. This vulnerability could allow an attacker access to any data on the affected systems that was accessible to the individual user.
It may also be possible for an attacker to exploit this vulnerability to modify Web browser caches and intermediate proxy server caches, and put spoofed content in those caches.Further information on this exploit is available at : MS07-018
Affected SoftwareMicrosoft Content Management Server 2001 Service Pack 1
Microsoft Content Management Server 2002 Service Pack 2