Unrated severityNVD Advisory· Published Dec 16, 2010· Updated Jun 16, 2026

CVE-2010-3964

Description

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microsoft/Sharepoint Server2 versions
cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*
- cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*
Microsoft/Office SharePoint Server 2007llm-fuzzy
Range: = SP2

Patches

Vulnerability mechanics

References

secunia.com/advisories/42631nvdVendor Advisory
www.vupen.com/english/advisories/2010/3226nvdVendor Advisory
www.us-cert.gov/cas/techalerts/TA10-348A.htmlnvdUS Government Resource
osvdb.org/69817nvd
www.securityfocus.com/bid/45264nvd
www.securitytracker.com/idnvd
www.zerodayinitiative.com/advisories/ZDI-10-287/nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-104nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11737nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.075
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000