Test ID:	1.3.6.1.4.1.25623.1.0.811023
Category:	Windows : Microsoft Bulletins
Title:	Microsoft SharePoint Server WAS Multiple RCE Vulnerabilities (3191839)
Summary:	This host is missing an important security; update for Microsoft SharePoint Server WAS according to Microsoft KB3191839
Description:	Summary: This host is missing an important security update for Microsoft SharePoint Server WAS according to Microsoft KB3191839 Vulnerability Insight: Multiple flaws exist as the software fails to properly handle objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs / view, change, or delete data / or create new accounts with full user rights. Affected Software/OS: - Microsoft SharePoint Server 2010 Service Pack 2 Word Automation Services - Microsoft SharePoint Server 2010 Service Pack 2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-0254 BugTraq ID: 98101 http://www.securityfocus.com/bid/98101 http://www.securitytracker.com/id/1038443 Common Vulnerability Exposure (CVE) ID: CVE-2017-0281 BugTraq ID: 98297 http://www.securityfocus.com/bid/98297
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.