CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS13-013 | Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2784242) | Microsoft FAST | Important | 13-02-2013 |
Technical Information
Brief overview of the risk:
This security update resolves publicly disclosed vulnerabilities in Microsoft FAST Search Server 2010 for SharePoint. The vulnerabilities could allow remote code execution in the security context of a user account with a restricted token. FAST Search Server for SharePoint is only affected by this issue when Advanced Filter Pack is enabled. By default, Advanced Filter Pack is disabled.
Detailed Information on the risk:
Remote code execution vulnerabilities exist in FAST Search Server 2010 for SharePoint with the Advanced Filter Pack enabled. An attacker who succesfully exploited these vulnerabilities could run arbitrary code in the context of a user account with a restricted token. By default, Advanced Filter Pack in FAST is disabled.
Further information on this exploit is available at : MS13-013