CVE-2010-3243
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Exploitability: 2.8 / Impact: 1.4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."
Affected (5)
Products: Microsoft: Sharepoint Server, Sharepoint Services, Internet Explorer
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2007 sp2 | |
| Version 3.0 sp2 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 8 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows 7 | All versions |
Microsoft Windows Server 2003 | All versions |
Microsoft Windows Server 2008 | All versions |
Microsoft Windows Vista | All versions |
Microsoft Windows Xp | All versions |
References (10)
Source: secure@microsoft.com
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.