CyberSec.Space Logo
返回 CVE 浏览器

CVE-2013-1330

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile14.58th
Published2013年9月11日
Last Modified2026年4月29日

Vulnerability Description

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability."

Affected Platforms (CPE)

📦
Microsoft

Sharepoint Foundation

= 2010
📦
Microsoft

Sharepoint Foundation

= 2010
📦
Microsoft

Sharepoint Portal Server

= 2003
📦
Microsoft

Sharepoint Server

= 2007
📦
Microsoft

Sharepoint Server

= 2010
📦
Microsoft

Sharepoint Server

= 2010
📦
Microsoft

Sharepoint Services

= 2.0
📦
Microsoft

Sharepoint Services

= 3.0
📦
Microsoft

Office Web Apps

= 2010

References & Advisories

🔗 http://www.us-cert.gov/ncas/alerts/TA13-253A
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-105
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19040
🔗 http://www.us-cert.gov/ncas/alerts/TA13-253A
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-105
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19040

相关漏洞威胁

CVE-2015-16829.3

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP...

CVE-2014-28169.3

Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain...

CVE-2015-00859.3

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Ex...

CVE-2014-02519.0

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Fou...