iPolicy Networks Security Advisory
 

Microsoft Windows SharePoint Services Help.aspx XSS Vulnerability

Date Discovered: 06/08/2010
Severity: Medium
Operating Systems Affected: Microsoft Windows
Application Affected: Microsoft Windows SharePoint Services 3.0 SP1
Microsoft Windows SharePoint Services 3.0 SP2 32-bit
Microsoft Windows SharePoint Services 3.0 SP1
Microsoft Windows SharePoint Services 3.0 SP2 64-bit
Identifiers: CVE-2010-0817
Synopsis
Microsoft Windows SharePoint is vulnerable to a cross-site scripting attack that allows a remote attacker to execute malicious script code.
Recommended Actions
A patch is available from the vendor.
http://www.microsoft.com/technet/security/Bulletin/MS10-039.mspx
Threat Analysis
A cross-site scripting and spoofing vulnerability exists in Microsoft Windows SharePoint Services and Microsoft Office SharePoint Server 2007.

The issue arises because the application does not properly validate input that is provided to an HTML query before sending this input to the browser.

A remote attacker can exploit this vulnerability to run malicious script code on the victim's machine. An attacker who successfully exploited the vulnerability could modify Web browser caches and intermediate proxy server caches.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0817

Write-up by: Vikrant