NVD

Id
37567  
Name
CVE-2013-1330  
Description
The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2013-09-11  
Modified Date
2013-12-13  
Seq
2013-1330  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
191193 37567 CVE-2013-1330 oval:org.mitre.oval:def:19040  View
191194 37567 CVE-2013-1330 MS13-067  View
191195 37567 CVE-2013-1330 MS13-105  View
191196 37567 CVE-2013-1330 TA13-253A  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22450 JVNDB-2013-004025 複数の Microsoft 製品のデフォルト設定における任意のコードを実行される脆弱性 Microsoft SharePoint Portal Server、SharePoint Server および Office Web Apps のデフォルト設定は、EnableViewStateMac 属性を設定しないため、任意のコードを実行される脆弱性が存在します。 CVE-2013-1330 61272 CVE-2013-1330 37567 10 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004025.html 2013-09-10 2013-12-12 View