Summary
This host is missing an important security update according to Microsoft Bulletin MS12-050.
Impact
Successful exploitation could allow an attacker to bypass certain security restrictions and conduct cross-site scripting and spoofing attacks.
Impact Level: Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12-050
Insight
- Certain input is not properly sanitised in the 'SafeHTML' API before being returned to the user.
- Certain unspecified input is not properly sanitised in scriptresx.ashx before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
- An error when validating search scope permissions can be exploited to view or modify another user's search scope.
- Certain unspecified input associated with a username is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
- Certain unspecified input associated with a URL is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website.
- Certain unspecified input associated with a reflected list parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Affected
Microsoft InfoPath 2010
Microsoft Groove Server 2010
Microsoft Office Web Apps 2010
Microsoft SharePoint Server 2010
Microsoft SharePoint Foundation 2010
Microsoft InfoPath 2007 Service Pack 2
Microsoft InfoPath 2007 Service Pack 3
Microsoft InfoPath 2010 Service Pack 1
Microsoft Groove Server 2010 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 1
Microsoft SharePoint Foundation 2010 Service Pack 1 Microsoft Office SharePoint Server 2007 Service Pack 2 Microsoft Office SharePoint Server 2007 Service Pack 3 Microsoft Windows SharePoint Services 3.0 Service Pack 2
References
Severity
Classification
-
CVE CVE-2012-1858, CVE-2012-1859, CVE-2012-1860, CVE-2012-1861, CVE-2012-1862, CVE-2012-1863 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft InfoPath HTML Sanitisation Component XSS Vulnerability (2821818)
- Microsoft .NET Framework Security Bypass Vulnerability (2984625)
- Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
- Microsoft Lync Server Information Disclosure Vulnerability (2969258)
- Microsoft Windows Defender Privilege Elevation Vulnerability (2847927)