CVE-2012-1766

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server (affected versions not specified)

Description Remote code execution issues exist due to the WebReady Document Viewing feature. This could allow code execution as Local System if a user views a specially crafted file through Outlook Web Access in a browser. An attacker could run code on the server, but only with LocalService privileges, which have minimal local computer privileges and present anonymous network credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.