MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)

2012-07-11T00:00:00

Description

The versions of InfoPath, Office SharePoint Server, SharePoint Server, Groove Server, Windows SharePoint Services, SharePoint Foundation, or Office Web Apps installed on the remote host are affected by multiple privilege escalation and information disclosure vulnerabilities : - An information disclosure vulnerability exists in the way that HTML strings are sanitized. An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks and run script in the security context of the logged-on user. (CVE-2012-1858) - A cross-site scripting and a privilege escalation vulnerability allow attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user on the site. (CVE-2012-1859) - An information disclosure vulnerability exists in the way that SharePoint stores search scopes. An attacker could view or tamper with other users' search scopes. (CVE-2012-1860) - A cross-site scripting vulnerability exists that allows attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user. (CVE-2012-1861) - A URL redirection vulnerability exists in SharePoint. The vulnerability could lead to spoofing and information disclosure and could allow an attacker to redirect a user to an external URL. (CVE-2012-1862) - A cross-site scripting vulnerability exists that allows attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user. (CVE-2012-1863).

{"id": "SMB_NT_MS12-050.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)", "description": "The versions of InfoPath, Office SharePoint Server, SharePoint Server, Groove Server, Windows SharePoint Services, SharePoint Foundation, or Office Web Apps installed on the remote host are affected by multiple privilege escalation and information disclosure vulnerabilities :\n\n - An information disclosure vulnerability exists in the way that HTML strings are sanitized. An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks and run script in the security context of the logged-on user. (CVE-2012-1858)\n\n - A cross-site scripting and a privilege escalation vulnerability allow attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user on the site. (CVE-2012-1859)\n\n - An information disclosure vulnerability exists in the way that SharePoint stores search scopes. An attacker could view or tamper with other users' search scopes.\n (CVE-2012-1860)\n\n - A cross-site scripting vulnerability exists that allows attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user. (CVE-2012-1861)\n\n - A URL redirection vulnerability exists in SharePoint.\n The vulnerability could lead to spoofing and information disclosure and could allow an attacker to redirect a user to an external URL. (CVE-2012-1862)\n\n - A cross-site scripting vulnerability exists that allows attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user. (CVE-2012-1863).", "published": "2012-07-11T00:00:00", "modified": "2019-12-04T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59913", "reporter": "This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1859", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1861", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1863", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858", "http://www.nessus.org/u?c7d49512", "https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-050", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1860", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1862"], "cvelist": ["CVE-2012-1858", "CVE-2012-1859", "CVE-2012-1860", "CVE-2012-1861", "CVE-2012-1862", "CVE-2012-1863"], "immutableFields": [], "lastseen": "2023-01-11T14:27:50", "viewCount": 125, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2012-255", "CPAI-2012-302", "CPAI-2012-306", "CPAI-2012-309", "CPAI-2012-310", "CPAI-2013-1601", "CPAI-2015-0698"]}, {"type": "cve", "idList": ["CVE-2012-1858", "CVE-2012-1859", "CVE-2012-1860", "CVE-2012-1861", "CVE-2012-1862", "CVE-2012-1863"]}, {"type": "exploitdb", "idList": ["EDB-ID:19777"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A4C844F13ADB3E9DD54232C27BB897A6"]}, {"type": "mskb", "idList": ["KB2695502", "KB2699988"]}, {"type": "nessus", "idList": ["SMB_NT_MS12-037.NASL", "SMB_NT_MS12-039.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902682", "OPENVAS:1361412562310902842", "OPENVAS:1361412562310902847", "OPENVAS:902682", "OPENVAS:902842"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:114615"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12404", "SECURITYVULNS:VULN:12406", "SECURITYVULNS:VULN:12466"]}, {"type": "seebug", "idList": ["SSV:60209", "SSV:60273", "SSV:60277", "SSV:60278", "SSV:73689"]}, {"type": "symantec", "idList": ["SMNTC-53842", "SMNTC-54313", "SMNTC-54315", "SMNTC-54316"]}, {"type": "threatpost", "idList": ["THREATPOST:219EFB4DE8A56286E444E303B599B79C", "THREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5", "THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132"]}]}, "score": {"value": -0.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2012-255", "CPAI-2013-1601"]}, {"type": "cve", "idList": ["CVE-2012-1858", "CVE-2012-1859", "CVE-2012-1860", "CVE-2012-1861", "CVE-2012-1862", "CVE-2012-1863"]}, {"type": "exploitdb", "idList": ["EDB-ID:19777"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A4C844F13ADB3E9DD54232C27BB897A6"]}, {"type": "mskb", "idList": ["KB2598239"]}, {"type": "nessus", "idList": ["SMB_HOTFIXES.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107443"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12404"]}, {"type": "seebug", "idList": ["SSV:60273", "SSV:60277", "SSV:60278"]}, {"type": "symantec", "idList": ["SMNTC-54316"]}, {"type": "threatpost", "idList": ["THREATPOST:219EFB4DE8A56286E444E303B599B79C", "THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2012-1858", "epss": "0.967790000", "percentile": "0.994120000", "modified": "2023-03-13"}, {"cve": "CVE-2012-1859", "epss": "0.943570000", "percentile": "0.986800000", "modified": "2023-03-13"}, {"cve": "CVE-2012-1860", "epss": "0.002760000", "percentile": "0.631500000", "modified": "2023-03-13"}, {"cve": "CVE-2012-1861", "epss": "0.943570000", "percentile": "0.986800000", "modified": "2023-03-13"}, {"cve": "CVE-2012-1862", "epss": "0.012980000", "percentile": "0.837410000", "modified": "2023-03-13"}, {"cve": "CVE-2012-1863", "epss": "0.943570000", "percentile": "0.986800000", "modified": "2023-03-13"}], "vulnersScore": -0.7}, "_state": {"dependencies": 1673447554, "score": 1673449353, "epss": 1678786801}, "_internal": {"score_hash": "32300504f29819b4a1269762e6e1231d"}, "pluginID": "59913", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59913);\n script_version(\"1.26\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-1858\",\n \"CVE-2012-1859\",\n \"CVE-2012-1860\",\n \"CVE-2012-1861\",\n \"CVE-2012-1862\",\n \"CVE-2012-1863\"\n );\n script_bugtraq_id(\n 53842,\n 54312,\n 54313,\n 54314,\n 54315,\n 54316\n );\n script_xref(name:\"EDB-ID\", value:\"19777\");\n script_xref(name:\"MSFT\", value:\"MS12-050\");\n script_xref(name:\"MSKB\", value:\"2553194\");\n script_xref(name:\"MSKB\", value:\"2553322\");\n script_xref(name:\"MSKB\", value:\"2553365\");\n script_xref(name:\"MSKB\", value:\"2553424\");\n script_xref(name:\"MSKB\", value:\"2553431\");\n script_xref(name:\"MSKB\", value:\"2589325\");\n script_xref(name:\"MSKB\", value:\"2596663\");\n script_xref(name:\"MSKB\", value:\"2596666\");\n script_xref(name:\"MSKB\", value:\"2596786\");\n script_xref(name:\"MSKB\", value:\"2596911\");\n script_xref(name:\"MSKB\", value:\"2596942\");\n script_xref(name:\"MSKB\", value:\"2598239\");\n script_xref(name:\"MSKB\", value:\"2760604\");\n\n script_name(english:\"MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)\");\n script_summary(english:\"Checks InfoPath / SharePoint / Groove / Office Web Apps version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple privilege escalation and\ninformation disclosure vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The versions of InfoPath, Office SharePoint Server, SharePoint Server,\nGroove Server, Windows SharePoint Services, SharePoint Foundation, or\nOffice Web Apps installed on the remote host are affected by multiple\nprivilege escalation and information disclosure vulnerabilities :\n\n - An information disclosure vulnerability exists in the\n way that HTML strings are sanitized. An attacker who\n successfully exploited this vulnerability could perform\n cross-site scripting attacks and run script in the\n security context of the logged-on user. (CVE-2012-1858)\n\n - A cross-site scripting and a privilege escalation\n vulnerability allow attacker-controlled JavaScript to\n run in the context of the user clicking a link. An\n anonymous attacker could also potentially issue\n SharePoint commands in the context of an authenticated\n user on the site. (CVE-2012-1859)\n\n - An information disclosure vulnerability exists in the\n way that SharePoint stores search scopes. An attacker\n could view or tamper with other users' search scopes.\n (CVE-2012-1860)\n\n - A cross-site scripting vulnerability exists that allows\n attacker-controlled JavaScript to run in the context of\n the user clicking a link. An anonymous attacker could\n also potentially issue SharePoint commands in the\n context of an authenticated user. (CVE-2012-1861)\n\n - A URL redirection vulnerability exists in SharePoint.\n The vulnerability could lead to spoofing and information\n disclosure and could allow an attacker to redirect a\n user to an external URL. (CVE-2012-1862)\n\n - A cross-site scripting vulnerability exists that allows\n attacker-controlled JavaScript to run in the context of\n the user clicking a link. An anonymous attacker could\n also potentially issue SharePoint commands in the\n context of an authenticated user. (CVE-2012-1863).\");\n # http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7d49512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-050\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for InfoPath 2007, InfoPath\n2010, Office SharePoint Server 2007, SharePoint Server 2010, Groove\nServer 2010, Windows SharePoint Services 2.0 and 3.0, SharePoint\nFoundation 2010, and Office Web Apps 2010.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1862\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:groove\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:infopath\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_web_apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_services\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_foundation\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"office_installed.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin, vuln;\n\nfunction get_ver()\n{\n local_var fh, path, rc, share, ver;\n\n path = _FCT_ANON_ARGS[0];\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\n\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n ver = NULL;\n path = ereg_replace(string:path, pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\\");\n\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (!isnull(fh))\n {\n ver = GetFileVersion(handle:fh);\n ver = join(ver, sep:\".\");\n CloseFile(handle:fh);\n }\n\n NetUseDel(close:FALSE);\n\n return ver;\n}\n\nfunction check_vuln(fix, kb, name, path, ver)\n{\n local_var info;\n\n if (isnull(ver))\n ver = get_ver(path);\n\n if (isnull(ver) || ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)\n return 0;\n\n info =\n '\\n Product : ' + name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n\n vuln = TRUE;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS12-050\";\nkbs = make_list(\n 2596666, 2596786, 2553431, 2553322,\n 2596663, 2596942, 2553424, 2553194,\n 2589325, 2596911, 2553365, 2598239, 2760604\n);\nif (get_kb_item(\"Host/patch_management_checks\"))\n hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\n\n# Connect to the registry.\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\n# Get path information for SharePoint Server 2007.\nsps_2007_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\12.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Server 2010.\nsps_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Services 2.0\nsps_20_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\6.0\\Location\"\n);\n\n# Get path information for SharePoint Services 3.0 or SharePoint Foundation 2010.\nforeach ver (make_list(\"12.0\", \"14.0\"))\n{\n spf_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\\" + ver + \"\\Location\"\n );\n\n if (spf_2010_path)\n break;\n}\n\n# Get path information for Groove Server 2010.\ngs_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\Groove\\Groove Relay\\Parameters\\InstallDir\"\n);\n\n# Close connection to registry.\nRegCloseKey(handle:hklm);\nclose_registry(close:FALSE);\n\n# Get path and version information for InfoPath.\nip_installs = get_kb_list(\"SMB/Office/InfoPath/*/ProductPath\");\n\n# Get path information for Windows.\nwindir = hotfix_get_systemroot();\nif (isnull(windir))\n exit(1, \"Failed to determine the location of %windir%.\");\n\n# Get path information for Common Files.\ncommonprogramfiles = hotfix_get_commonfilesdir();\nif (isnull(commonprogramfiles))\n exit(1, \"Failed to determine the location of %commonprogramfiles%.\");\n\n# Get path information for Office Web Apps.\nowa_2010_path = sps_2010_path;\n\nif (!isnull(ip_installs))\n{\n foreach install (keys(ip_installs))\n {\n ip_ver = install - 'SMB/Office/InfoPath/' - '/ProductPath';\n ip_path = ip_installs[install];\n if (ip_path) ip_path = ereg_replace(string:ip_path, pattern:\"(.*)(\\\\[^\\\\]+)$\", replace:\"\\1\");\n\n ######################################################################\n # InfoPath 2007 SP2 / SP3\n #\n # [KB2596666] Infopath.Exe: 12.0.6661.5000\n # [KB2596786] Ipeditor.dll: 12.0.6661.5000\n ######################################################################\n office_sp2007 = get_kb_item(\"SMB/Office/2007/SP\");\n office_sp2010 = get_kb_item(\"SMB/Office/2010/SP\");\n if (ip_ver =~ '^12\\\\.' && (!isnull(office_sp2007) && (office_sp2007 == 2 || office_sp2007 == 3)))\n {\n name = \"InfoPath 2007\";\n\n check_vuln(\n name : name,\n kb : \"2596666\",\n path : ip_path + \"\\Infopath.Exe\",\n fix : \"12.0.6661.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2596786\",\n path : ip_path + \"\\Ipeditor.dll\",\n fix : \"12.0.6661.5000\"\n );\n }\n ######################################################################\n # InfoPath 2010 SP0 / SP1\n #\n # [KB2553431] Infopath.Exe: 14.0.6120.5000\n # [KB2553322] Ipeditor.dll: 14.0.6120.5000\n ######################################################################\n else if (ip_ver =~ '^14\\\\.' && (!isnull(office_sp2010) && (office_sp2010 == 0 || office_sp2010 == 1)))\n {\n name = \"InfoPath 2010\";\n\n check_vuln(\n name : name,\n kb : \"2553431\",\n path : ip_path + \"\\Infopath.Exe\",\n fix : \"14.0.6120.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2553322\",\n path : ip_path + \"\\Ipeditor.dll\",\n fix : \"14.0.6120.5000\"\n );\n }\n }\n}\n\n######################################################################\n# Office SharePoint Server 2007 SP2 / SP3\n#\n# [KB2596663] Microsoft.SharePoint.Publishing.dll: 12.0.6660.5000\n# [KB2596942] Microsoft.office.excel.webui.dll: 12.0.6661.5000\n######################################################################\nif (sps_2007_path)\n{\n name = \"Office SharePoint Server 2007\";\n\n check_vuln(\n name : name,\n kb : \"2596663\",\n path : sps_2007_path + \"Bin\\Microsoft.SharePoint.Publishing.dll\",\n fix : \"12.0.6660.5000\"\n );\n\n share = ereg_replace(string:windir, pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\");\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n dir = ereg_replace(string:windir, pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\");\n subdir = \"\\assembly\\GAC_MSIL\\Microsoft.Office.Excel.WebUI\\\";\n file = \"\\Microsoft.Office.Excel.WebUI.dll\";\n\n # Check for the DLL in each subdirectory.\n for (\n dh = FindFirstFile(pattern:dir + subdir + \"*\");\n !isnull(dh);\n dh = FindNextFile(handle:dh)\n )\n {\n # Skip non-directories.\n if (dh[2] & FILE_ATTRIBUTE_DIRECTORY == 0)\n continue;\n\n # Skip current and parent directories.\n if (dh[1] == \".\" || dh[1] == \"..\")\n continue;\n\n # Skip anything that doesn't look like the 2007 branch.\n if (dh[1] !~ \"^12\\.\")\n continue;\n\n # Get the version number from the file, if it exists.\n path = dir + subdir + dh[1] + file;\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (isnull(fh))\n continue;\n\n ver = GetFileVersion(handle:fh);\n CloseFile(handle:fh);\n\n check_vuln(\n name : name,\n kb : \"2596942\",\n path : windir + subdir + dh[1] + file,\n ver : join(ver, sep:\".\"),\n fix : \"12.0.6661.5000\"\n );\n }\n\n # Clean up.\n NetUseDel(close:FALSE);\n}\n\n######################################################################\n# SharePoint Server 2010 SP0 / SP1\n#\n# [KB2553424] Microsoft.resourcemanagement.dll: 4.0.2450.47\n# [KB2553194] Ssetupui.dll: 14.0.6120.5000\n######################################################################\nif (sps_2010_path)\n{\n name = \"Office SharePoint Server 2010\";\n\n check_vuln(\n name : name,\n kb : \"2553424\",\n path : sps_2010_path + \"Service\\Microsoft.resourcemanagement.dll\",\n fix : \"4.0.2450.47\"\n );\n\n check_vuln(\n name : name,\n kb : \"2553194\",\n path : commonprogramfiles + \"\\Microsoft Shared\\SERVER14\\Server Setup Controller\\WSS.en-us\\Ssetupui.dll\",\n fix : \"14.0.6120.5000\"\n );\n}\n\n######################################################################\n# Groove Server 2010 SP0 / SP1\n#\n# [KB2589325] Relay.exe: 14.0.6120.5000\n######################################################################\nif (gs_2010_path)\n{\n check_vuln(\n name : \"Groove Server 2010\",\n kb : \"2589325\",\n path : gs_2010_path + \"\\Relay.exe\",\n fix : \"14.0.6120.5000\"\n );\n}\n\n######################################################################\n# SharePoint Services 2.0\n#\n# [KB2760604] Onetutil.dll: 11.0.8346.0\n######################################################################\nif (sps_20_path)\n{\n path = sps_20_path + \"Bin\\Onetutil.dll\";\n ver = get_ver(path);\n\n check_vuln(\n name : \"SharePoint Services 2.0\",\n kb : \"2760604\",\n path : path,\n fix : \"11.0.8346.0\"\n );\n}\n\n######################################################################\n# SharePoint Services 3.0 SP2\n#\n# [KB2596911] Mssrch.dll: 12.0.6660.5000\n#\n#\n# SharePoint Foundation 2010 SP0 / SP1\n#\n# [KB2553365] Mssrch.dll: 14.0.6119.5000\n######################################################################\nif (spf_2010_path)\n{\n path = spf_2010_path + \"Bin\\Mssrch.dll\";\n ver = get_ver(path);\n\n if (ver && ver =~ \"^12\\.\")\n {\n check_vuln(\n name : \"SharePoint Services 3.0\",\n kb : \"2596911\",\n path : path,\n ver : ver,\n fix : \"12.0.6660.5000\"\n );\n }\n else if (ver && ver =~ \"^14\\.\")\n {\n check_vuln(\n name : \"SharePoint Foundation 2010\",\n kb : \"2553365\",\n path : path,\n ver : ver,\n fix : \"14.0.6119.5000\"\n );\n }\n}\n\n######################################################################\n# Office Web Apps 2010 SP0 / SP1\n#\n# [KB2598239] msoserver.dll: 14.0.6120.5000\n######################################################################\nif (owa_2010_path)\n{\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2598239\",\n path : owa_2010_path + \"WebServices\\ConversionService\\Bin\\Converter\\msoserver.dll\",\n fix : \"14.0.6120.5000\"\n );\n}\n\nhotfix_check_fversion_end();\n\nif (!vuln)\n audit(AUDIT_HOST_NOT, 'affected');\n# Flag the system as vulnerable.\nset_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\nset_kb_item(name:\"www/0/XSS\", value:TRUE);\nhotfix_security_warning();\n", "naslFamily": "Windows : Microsoft Bulletins", "cpe": ["cpe:/a:microsoft:groove", "cpe:/a:microsoft:infopath", "cpe:/a:microsoft:office_web_apps", "cpe:/a:microsoft:sharepoint_server", "cpe:/a:microsoft:sharepoint_services", "cpe:/a:microsoft:sharepoint_foundation"], "solution": "Microsoft has released a set of patches for InfoPath 2007, InfoPath 2010, Office SharePoint Server 2007, SharePoint Server 2010, Groove Server 2010, Windows SharePoint Services 2.0 and 3.0, SharePoint Foundation 2010, and Office Web Apps 2010.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2012-1862", "vendor_cvss2": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "6.4"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2012-07-10T00:00:00", "vulnerabilityPublicationDate": "2012-06-12T00:00:00", "exploitableWith": []}

{"mskb": [{"lastseen": "2021-01-01T22:39:07", "description": "<html><body><p>Describes vulnerabilities in SharePoint could allow elevation of privilege, and was released on July 10, 2012.</p><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS12-050. To view the complete security bulletin, go to one of the following Microsoft websites:\u00a0<ul class=\"sbody-free_list\"><li>Home users:<div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/bulletins/201207.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/bulletins/201207.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms12-050\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS12-050</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3> Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a><br/><br/></div><h2></h2><div class=\"kb-moreinformation-section section\"><h4 class=\"sbody-h4\">Known issues and additional information about this security update</h4> <br/> <br/><br/> The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.<ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2553194\" id=\"kb-link-8\">2553194 </a> MS12-050: Description of the security update for SharePoint Server 2010 (coreserverloc): July 10, 2012<br/><br/>Known issues in security update 2553194: <br/><ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-9\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2553322\" id=\"kb-link-10\">2553322 </a> MS12-050: Description of the security update for InfoPath 2010: July 10, 2012 </li><li><a href=\"https://support.microsoft.com/en-us/help/2553365\" id=\"kb-link-11\">2553365 </a> MS12-050: Description of the security update for SharePoint Foundation 2010: July 10, 2012<br/><br/>Known issues in security update 2553365: <ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:\u00a0<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-12\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2553424\" id=\"kb-link-13\">2553424 </a> MS12-050: Description of the security update for SharePoint Server 2010 (wosrv): July 10, 2012<br/><br/>Known issues in security update 2553424: <ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:\u00a0<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-14\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2553431\" id=\"kb-link-15\">2553431 </a> MS12-050: Description of the security update for InfoPath 2010: July 10, 2012<br/><br/>Known issues in security update 2553431: <ul class=\"sbody-free_list\"><li>Windows Update will offer this security update to all systems that are running InfoPath 2010. However, the security update is required only for systems that are running Visual Studio Tool for Applications (VSTA). This security update can be installed on any system that is running InfoPath 2010. However, binaries are updated only on systems that are running VSTA.<br/><br/><span class=\"text-base\">Note </span>If you install this security update on a system that is running InfoPath 2010 without VSTA and then you install VSTA, you do not have to reinstall this security update.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2589325\" id=\"kb-link-16\">2589325 </a> MS12-050: Description of the security update for Groove Server 2010: July 10, 2012<br/><br/>Known issues in security update 2589325: <ul class=\"sbody-free_list\"><li>If you install any previously released Groove server update before you install this security update, then you may see multiple entries for this security update may appear in <strong class=\"uiterm\">Add or Remove Programs</strong>.</li><li>The Groove security update does not appear in <span class=\"sbody-userinput\">Add or Remove Programs</span>. To determine whether the update is installed, the system administrator can open the SharePoint Configuration Manager console.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2596663\" id=\"kb-link-17\">2596663 </a> MS12-050: Description of the security update for SharePoint Server 2007 Service Pack 2 (coreserver): July 10, 2012</li><li><a href=\"https://support.microsoft.com/en-us/help/2596666\" id=\"kb-link-18\">2596666 </a> MS12-050: Description of the security update for InfoPath 2007: July 10, 2012<br/><br/>Known issues in security update 2596666: <ul class=\"sbody-free_list\"><li>Windows Update will offer this security update to all systems that are running InfoPath 2010. However, the security update is required only for systems that are running Visual Studio Tool for Applications (VSTA). This security update can be installed on any system that is running InfoPath 2010. However, binaries are updated only on systems that are running VSTA.<br/><br/><span class=\"text-base\">Note </span>If you install this security update on a system that is running InfoPath 2010 without VSTA and then you install VSTA, you do not have to reinstall this security update.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2596786\" id=\"kb-link-19\">2596786 </a> MS12-050: Description of the security update for InfoPath 2007 (IPEditor): July 10, 2012<br/><br/>Known issues in security update 2596786: <ul class=\"sbody-free_list\"><li>Windows Update will offer this security update to all systems that are running InfoPath 2010. However, the security update is required only for systems that are running Visual Studio Tool for Applications (VSTA). This security update can be installed on any system that is running InfoPath 2010. However, binaries are updated only on systems that are running VSTA.<br/><br/><span class=\"text-base\">Note </span>If you install this security update on a system that is running InfoPath 2010 without VSTA and then you install VSTA, you do not have to reinstall this security update.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2596911\" id=\"kb-link-20\">2596911 </a> MS12-050: Description of the security update for Windows SharePoint Services 3.0: July 10, 2012</li><li><a href=\"https://support.microsoft.com/en-us/help/2596942\" id=\"kb-link-21\">2596942 </a> MS12-050: Description of the security update for Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe): July 10, 2012</li><li><a href=\"https://support.microsoft.com/en-us/help/2598239\" id=\"kb-link-22\">2598239 </a> MS12-050: Description of the security update for SharePoint Server 2010: July 10, 2012<br/><br/>Known issues in security update 2598239: <ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:\u00a0<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-23\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2760604\" id=\"kb-link-24\">2760604 </a> MS12-050: Description of the security update for Microsoft Windows SharePoint Services 2.0 SP3: December 11, 2012</li></ul><span></span><br/><h4 class=\"sbody-h4\">File hash information</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ara.exe</td><td class=\"sbody-td\">944FFC7C1BCC35C796EE1CAEC3D977EA23BE3591</td><td class=\"sbody-td\">5736A05A0858EB07A8239C60593A4D6BD230BA54A3E16274A0773D93EE930570</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-bgr.exe</td><td class=\"sbody-td\">1EF35C81A8B2DF79AD99682D0984731216264B4B</td><td class=\"sbody-td\">45539094870B351DE90768D3E3156E0A825C7F371B415E75E64D405314030139</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-chs.exe</td><td class=\"sbody-td\">F11BB8837A560E4A0BC424D95BEC68E9D74AE377</td><td class=\"sbody-td\">F869A0A164A91A014D2AB1A7492F25363FD6CBFB83F8E4D44E3FFAC96C496D31</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-cht.exe</td><td class=\"sbody-td\">970CF05CCF910C9FF0431DCFC85F085F977AF542</td><td class=\"sbody-td\">22F3DC70AB127BB881DC166CDD771291EE833C7DA207482FEF84D11E0F3A8156</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-csy.exe</td><td class=\"sbody-td\">F49D9534D20C6E8F23C53FB8D226446C8D9EC441</td><td class=\"sbody-td\">18CB0ABCB54DC278D8C314B778999A5AED34948922C3DC9B0E512E0D0F9EEE77</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-dan.exe</td><td class=\"sbody-td\">19FA51E5995EA5EA3EAE16C540BF82550CE107E3</td><td class=\"sbody-td\">0D61FF387EE6507D2840F149A5063DD2C597E21DFF70F8F7AA960B65D36CBB5D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-deu.exe</td><td class=\"sbody-td\">4D81FFAC740D198A7B66DA296EF9427F9B11CFA2</td><td class=\"sbody-td\">C17A570B8E850D10000BBC4BBA14D6B78C03F267AA6FB169D0E4DF3B5656161F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ell.exe</td><td class=\"sbody-td\">03973E73A4AB0E7F0B72D478B61538764AE5E547</td><td class=\"sbody-td\">485CD52BB0B9930C63530F38B7917E6774F548D26766CA40ECAF61377B5945A9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-enu.exe</td><td class=\"sbody-td\">8CDCE452A26ECC14A0BBBFA80B43CE48F224A6CA</td><td class=\"sbody-td\">2C21C95770D60BA08EBDA7965BC38625E20684BAB4E43E37C70673E133BF9F4F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-esn.exe</td><td class=\"sbody-td\">FA1B8FE9E815E75E3BD2F24C0C9E559A9E20B4C0</td><td class=\"sbody-td\">0C71F483FE72EAD5BE870EA1A8E9DC60C369FC5FC33733D0D02C629C3E7FF731</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-eti.exe</td><td class=\"sbody-td\">044DA3C7C9A238869D124D697DBEC06B4EA257C3</td><td class=\"sbody-td\">D6755EB7FD5E195A9CD2ADA1E5CA937A2B365AC6DB91AA4342AF4D2818E35D69</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-fin.exe</td><td class=\"sbody-td\">1867C849389450286FEE99C95CD881DA9CFFB708</td><td class=\"sbody-td\">8866AD99D8D83DE3271366399BD1B7998257E15E39A82ED0CB2C9E1DCC6AA943</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-fra.exe</td><td class=\"sbody-td\">777EA2C387B381768D1111E607779E70E41FDF1F</td><td class=\"sbody-td\">744ACE78426672E9EC75817E5D4D3B412DD272B7384C80190BE0B6FA2DB73BE7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-heb.exe</td><td class=\"sbody-td\">BDC9CAA8D266554B0ED9694562EB4E9B9C7368D1</td><td class=\"sbody-td\">7F7C8210CF6991AFFF14703E780E1191306B1856B00B95BC2F27B7EE59B5FB7E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-hin.exe</td><td class=\"sbody-td\">0B68573CDAAC765D4ABF325CD3996D1E2E667A17</td><td class=\"sbody-td\">F32BBA4CE8B5861F180261676CA6B44F1DAC36F9175D176EC69062A975C197AC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-hrv.exe</td><td class=\"sbody-td\">A0917833FD05D8C9175EBAA73BA83CD1C1A25F30</td><td class=\"sbody-td\">FCD5ADF13D09A8DCEC75210F4A452405C8266BB8476EBC4B54D5146BAA2FF8E7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-hun.exe</td><td class=\"sbody-td\">8329B99DEF9698D3E1D9260DD7F491B99C519584</td><td class=\"sbody-td\">AAB418A8CB3658D061B7356AA3AC1FB0F2A9D68632EEE2664900A1535C46D2A4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ita.exe</td><td class=\"sbody-td\">DC7A8679DFB3D21E796A6E61C201437EA1AA5C2F</td><td class=\"sbody-td\">F1D53091A9F95E970642C3A4F612237DAF5BA24414A3F1E9B7A8D8F21F5248F5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-jpn.exe</td><td class=\"sbody-td\">563502557130AFE06614CDB1CE2FFBA352B74739</td><td class=\"sbody-td\">58F48E2973284C3DAC005B7DB1B3DD9C64FB6F898A027F167E335C3B566FE69C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-kor.exe</td><td class=\"sbody-td\">A7BD3032953031CDC511666250AECE3F87C64F0B</td><td class=\"sbody-td\">88B675F6DC0F393725B135C1FD7DBBE3F46289221803FF547669A1388EAA996C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-lth.exe</td><td class=\"sbody-td\">963D99379FF4515725F8DD1594872EB0973E42A4</td><td class=\"sbody-td\">DE8E907C37917D93DA25FEBDB2C7E5A033E486D1D1B2A7D97001486FD0467DAB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-lvi.exe</td><td class=\"sbody-td\">40B44B094CD1ABDF693AC0C44429888EB07B99F6</td><td class=\"sbody-td\">13841434EA8994760EEF0C7626FAA473F582763B9B9214C94F53B0BEFEFA28BF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-nld.exe</td><td class=\"sbody-td\">F4F356BC58494D3EB2146955A512163473F5C18C</td><td class=\"sbody-td\">5BBD181CD9F4B518751A47A5F59D821D3F486763CE2050F34173C4F377C1765A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-nor.exe</td><td class=\"sbody-td\">1BFDAC7CA337DD926FA851DFC44B6C8EB3787D44</td><td class=\"sbody-td\">1855342D407C705D8AA1EE14030C2BFF23E4A1022A87D0121EA937EFC0A5735A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-plk.exe</td><td class=\"sbody-td\">854ACEEC4ED26C8F2AF6115F8357D3E18D95BF46</td><td class=\"sbody-td\">266194456C096A44F03C180744B74A0A9827F34BA79DB5FC857D271B11FDC2D0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ptb.exe</td><td class=\"sbody-td\">80AFB3A70ADD47AF15C5C811298248DA06BFE60F</td><td class=\"sbody-td\">65CEF35AB79343C01CA79C550A4AB72F9F5A1EF786F539BFF6484450C0A05AFF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ptg.exe</td><td class=\"sbody-td\">064033EDCD99453BDA48A6EF012F76E0FFC1422C</td><td class=\"sbody-td\">6C4BC8DA2B32B3F854D70DF23AEB9BF0A715B7DAC9F35C6399B2D0DEA7E9FB0A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-rom.exe</td><td class=\"sbody-td\">FF36147DCBB752ACE97C682B1D8B8935A848C5D0</td><td class=\"sbody-td\">4128BAD2C2DDD45017530CECC0C2A7ADC0B88D3BCF5072170FF7D97A1E9BF26D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-rus.exe</td><td class=\"sbody-td\">35B3BDC570F6D82475A62C38171260B24BE2266B</td><td class=\"sbody-td\">4391A7761F2DB2FB3058FCA6E306519DA44EAEBDE2A990B520FA1EE3F60E360E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-sky.exe</td><td class=\"sbody-td\">1D5A41747ABC246F69A1C61E36B524604E5A0FEC</td><td class=\"sbody-td\">B598C60AD4FE2C82A7B43D390B32D6917A2637378B679A11C8D52E433840507F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-slv.exe</td><td class=\"sbody-td\">CE0131A5858230363BFDD3BF6EA399ABDE1378BC</td><td class=\"sbody-td\">3605324E72645A7E126E037DCBC79827DE28DDD364C95DB79FB416402462EAEF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-srl.exe</td><td class=\"sbody-td\">AD4A19231C72A880D361BFF018773F3486BED26C</td><td class=\"sbody-td\">A1B5F71EDEB27A906C98438E3429882C82EC60CF58815EE10AE6BADAD97B949E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-sve.exe</td><td class=\"sbody-td\">94575D9AEC7CC927278BA869A31EEB42A760D324</td><td class=\"sbody-td\">CEC7BFD45C09D1E52F1DD4137B558D9D7B9613353B26C2C54A652E80C5FCFD68</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-tha.exe</td><td class=\"sbody-td\">6999EECC0D501ABFF9B490203C5E2016E1617B99</td><td class=\"sbody-td\">B6D0DF67C45B6F5C1368C3B23AB624DB6127B03D5C980FC29D842488FAC27205</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-trk.exe</td><td class=\"sbody-td\">B62A256B76FBEE70FB51EF41700D164B9DF1B548</td><td class=\"sbody-td\">309659C1C8060265A6DB0C6C31F89720A61F8DD065FA3DCD8A9AC5CA389FCB4F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ukr.exe</td><td class=\"sbody-td\">92C0AD7EE66A4E20AC22D23CCA4D405FB53ED927</td><td class=\"sbody-td\">8C1EC306BA0883730D2D5C554DD9116998C2F11B816D20A236A78E7EF671CEE4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-zhh.exe</td><td class=\"sbody-td\">18B05B146DE37B421C37EDB2CC8801884044B8B5</td><td class=\"sbody-td\">3402D3016F8500DDC25E566D50CB91130885BE25A509643BA96F9B9D8DB3FA24</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">coreserver2007-kb2596663-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B4B8C2D03393AFAE2D609B3E22E9C54459170AB7</td><td class=\"sbody-td\">287BA5C0B0672DB4FBF9A7C15A539F6699FA1BA91A4170B049308C52DBB0FA22</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">coreserver2007-kb2596663-fullfile-x86-glb.exe</td><td class=\"sbody-td\">459B707CC63E3F0B38D87BA0968D89C7D7766707</td><td class=\"sbody-td\">0B187B5ACC20FC8EBC4CCC1BF658D51E4A4DA4F564C2CA1B92B432A0C40C6D2C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">coreserverloc2010-kb2553194-fullfile-x64-glb.exe</td><td class=\"sbody-td\">92515E81643BBB6DDFFEB3D6295645322BE1C094</td><td class=\"sbody-td\">D29D2A72BAE50717011AC007AEACD1B69E802FD5E4D4AC3A0A7DB27488EDEB0F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">emsgrs2010-kb2589325-fullfile-x64-glb.exe</td><td class=\"sbody-td\">C40B9731DA0D72958E97C37C8562676E9035DF1E</td><td class=\"sbody-td\">98D9F03A1B94B0C6085E320A760F64391A1E6F34064666D140E55252F1B2908C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">infopath2007-kb2596666-fullfile-x86-glb.exe</td><td class=\"sbody-td\">6089333AEB61B4F0613898C33F8583A15957D782</td><td class=\"sbody-td\">C6440DAB225C67F0C290A1AD0B85C72BA3C6B2F813B0901B04FCABDF1FC9B086</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">infopath2010-kb2553431-fullfile-x64-glb.exe</td><td class=\"sbody-td\">CF9C2F85761B14386A848CD89E5C517F632ECF08</td><td class=\"sbody-td\">6A16C443958BEFAE24E861E053B04EB09CB78A777DAF9A7C603E70DAAD6E5D2D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">infopath2010-kb2553431-fullfile-x86-glb.exe</td><td class=\"sbody-td\">C1CF3BFC26754C57F8A5C111C014015BEC5D6D3B</td><td class=\"sbody-td\">8AACEAE7227509C592442829FA06D6924E48C8E15D5238C79104E9C716ADA5D9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ipeditor2007-kb2596786-fullfile-x86-glb.exe</td><td class=\"sbody-td\">C098589CFF0B676B80C4C5B2E145B9BD93E2C355</td><td class=\"sbody-td\">6611329D0E156EB2DC01584F9ED1EF72BD08D81FE083FFC57ACD541BB0D31700</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ipeditor2010-kb2553322-fullfile-x64-glb.exe</td><td class=\"sbody-td\">CE8A14DBFA1513CF843B37B30113A37DE5EB33FF</td><td class=\"sbody-td\">B721DCF88277D1271DE22C3A1E7869389C3EB976BDE8C7176CD74C0E322ACC35</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ipeditor2010-kb2553322-fullfile-x86-glb.exe</td><td class=\"sbody-td\">2C9EC3F1D70A4E04A15D81DC6AE75ABEC168E700</td><td class=\"sbody-td\">5F269A2559012056B6F16DB638365F7225C143B524AFC0DA77331671933952EF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts-x-none-x64.cab</td><td class=\"sbody-td\">C093C7C13D7CB01D5F7B2F244399DBC34BB10D20</td><td class=\"sbody-td\">05853D2678F4D335A0BCFC1AA74E79D980072A7F23CAABF64C2635675210F54C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts-x-none-x86.cab</td><td class=\"sbody-td\">13258CA09C2D2A019C5E1F7EEFD53378B53A93CA</td><td class=\"sbody-td\">CFE52C1389B605C1E3AAB0024D7C771828E799F5F8FD1C4C010F3A86992B4560</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2596911-fullfile-x64-glb.exe</td><td class=\"sbody-td\">302CB71DCB952EB7AE2BB7A0DFCB3826488DFFD9</td><td class=\"sbody-td\">E01E674F45D599895EA65579874D22F3A990E385EBAABA69FEE232095147DF4E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2596911-fullfile-x86-glb.exe</td><td class=\"sbody-td\">3B815B9647BB14E549B89BF61E26AF34BCE63006</td><td class=\"sbody-td\">DE51614C7107B26600E44AE5AE6AA12B6D4BC2E5C2BD84ADCFD39E409529371C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wac2010-kb2598239-fullfile-x64-glb.exe</td><td class=\"sbody-td\">5DA77BDDC33BA933C94C5922FD037796A74CDD50</td><td class=\"sbody-td\">60E369CA03A8237938070573F31DCB1AFCFAD738616C6F2E75B7D6CBFCEEC184</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wosrv2010-kb2553424-fullfile-x64-glb.exe</td><td class=\"sbody-td\">6DF33A7F0FCD21696C581DA461805BC245D5E5D4</td><td class=\"sbody-td\">057090BC16ED1EB4974ABA40E2FC79AB4AED3D431E2224002F6402847439A2E0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2010-kb2553365-fullfile-x64-glb.exe</td><td class=\"sbody-td\">1974AEBB7C576D58499CDEDB25C426FAAEDA0C57</td><td class=\"sbody-td\">CC9980F485D951CFAD7E2B9FB93F70C1703C8DEC1E4EB91AD5EB7DC8F95BCE39</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvwfe2007-kb2596942-fullfile-x64-glb.exe</td><td class=\"sbody-td\">3D987EDEAE127AA515409E02448A3CFDE785EF79</td><td class=\"sbody-td\">E895F8A3E13B19D0A48F64194B712F5CB00B4EF532038EBEF9EAB8BB3E80105D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvwfe2007-kb2596942-fullfile-x86-glb.exe</td><td class=\"sbody-td\">F54164686BC47A54EB7CD22096DCE7932DD60F3A</td><td class=\"sbody-td\">C3F8E89D78BFC09257F5E97E9CEA68567225506366B4DFE8CC9586EF2226FBF9</td></tr></table></div></div></body></html>", "edition": 2, "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "mskb", "title": "MS12-050: Vulnerabilities in SharePoint could allow elevation of privilege: July 10, 2012", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1862", "CVE-2012-1858", "CVE-2012-1863", "CVE-2012-1861", "CVE-2012-1860", "CVE-2012-1859"], "modified": "2012-12-11T20:04:29", "id": "KB2695502", "href": "https://support.microsoft.com/en-us/help/2695502/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T22:37:04", "description": "<html><body><p>Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.</p><h2></h2><div class=\"kb-notice-section section\">The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current update, visit the following Microsoft website:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/technet/security/current.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/technet/security/current.aspx</a><a href=\"http://windowsupdate.microsoft.com\" id=\"kb-link-2\" target=\"_self\">http://windowsupdate.microsoft.com</a></div>For more technical information about the most current cumulative security update for Internet Explorer, visit the following Microsoft website:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin</a></div></div><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS12-037. To view the complete security bulletin, visit one of the following Microsoft websites:<br/><ul class=\"sbody-free_list\"><li>Home users:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/bulletins/201206.aspx\" id=\"kb-link-4\" target=\"_self\">http://www.microsoft.com/security/pc-security/bulletins/201206.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-5\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms12-037\" id=\"kb-link-6\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS12-037</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates:<br/><a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-7\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals:<br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-8\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-9\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country:<br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-10\" target=\"_self\">International Support</a><br/><br/></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">Known issues with this security update</h3><h3 class=\"sbody-h3\">Non-security-related fixes that are included in this security update</h3><h4 class=\"sbody-h4\">General distribution release (GDR) fixes</h4>Individual updates may not be installed, depending on the version of Windows and the version of the affected application. Please view the individual articles to determine your update status.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2696955\" id=\"kb-link-11\">2696955 </a></td><td class=\"sbody-td\">You cannot open a file whose file name is fully encoded when you use Internet Explorer 9 to browse the webpage that contains the file</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2715453\" id=\"kb-link-12\">2715453 </a></td><td class=\"sbody-td\">The Save As dialog box may intermittently not be displayed when you try to download a file in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2715815\" id=\"kb-link-13\">2715815 </a></td><td class=\"sbody-td\">The travel log is not updated when you post a form that is in a frame in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2722090\" id=\"kb-link-14\">2722090 </a></td><td class=\"sbody-td\">Quotation marks in the name property of an HTML form are encoded with ASCII encoding two times during form submission in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2718628\" id=\"kb-link-15\">2718628 </a></td><td class=\"sbody-td\">The display of a WebBrowser control may be partly erased when a menu item dropdown overlaps the control in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2719319\" id=\"kb-link-16\">2719319 </a></td><td class=\"sbody-td\">Internet Explorer 8 shuts down when you browse through a proxy server to a webpage that uses protected mode and SSL</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2695422\" id=\"kb-link-17\">2695422 </a></td><td class=\"sbody-td\">A memory leak may occur when a modal dialog box opens in an iframe in Internet Explorer 8 </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2695166\" id=\"kb-link-18\">2695166 </a></td><td class=\"sbody-td\">Cannot print a document in Internet Explorer 8 or Internet Explorer 9 after closing Print Preview by using the Close (red X) button </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2703157\" id=\"kb-link-19\">2703157 </a></td><td class=\"sbody-td\">Memory leak when an application calls the WinHttpGetProxyForUrl function on a Windows 7-based or Windows Server 2008 R2-based computer </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2722090\" id=\"kb-link-20\">2722090 </a></td><td class=\"sbody-td\">Quotation marks in the \"name\" property of an HTML form are encoded with ASCII encoding two times during form submission in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2678934\" id=\"kb-link-21\">2678934 </a></td><td class=\"sbody-td\">Internet Explorer 9 shows a download bar for links that are targeted to an iframe </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2716900\" id=\"kb-link-22\">2716900 </a></td><td class=\"sbody-td\">A file that you opened in Internet Explorer 9 may be deleted when you click Cancel in the Internet Explorer Information bar </td></tr></table></div><h4 class=\"sbody-h4\">Hotfixes</h4>Security update 2699988 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 2699988 installs the GDR files. <br/><br/>Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems. <br/><br/>These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. <span>For more information about how to install the hotfixes that are included in security update 2699988, click the following article number to view the article in the Microsoft Knowledge Base: <div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/897225\" id=\"kb-link-23\">897225 </a>How to install hotfixes that are included in cumulative security updates for Internet Explorer </div></span><br/><span class=\"text-base\">Note</span>In addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix. <br/><br/><span>For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base: <div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/824994\" id=\"kb-link-24\">824994 </a>Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages </div></span></div><h2>FILE INFORMATION</h2><div class=\"kb-summary-section section\">For a list of files that are provided within these packages, click the following link: <br/><br/> <div class=\"indent\"><a href=\"http://download.microsoft.com/download/c/6/8/c68243cd-8b76-411f-a477-72f6a7e16c39/file attributes tables for security update 2699988.csv\" id=\"kb-link-26\" target=\"_self\">File attributes tables for security update 2699988.csv</a></div><h3 class=\"sbody-h3\">File hash table</h3>The following table lists the thumbprints of the certificates that are used to sign the security updates. Verify the certificate thumbprint in this KB article against the certificate thumbprint indicated on the security update that you download.<br/><br/><br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Publisher Filename</span></td><td class=\"sbody-td\"><span class=\"text-base\">Sha1</span></td><td class=\"sbody-td\"><span class=\"text-base\">SHA2</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">53324A0E42AEB5DE86E059613D33E3D13FB9686A</td><td class=\"sbody-td\">17C0FB2EF4644670ACB560A93BF79F3EF77A4F35F018498103611A8ADE84668C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">4B977D8EB3C2E8E366B0011A1E8ADE27C2DCA55E</td><td class=\"sbody-td\">B518113FFAE760022EE98680567F5F321C82D64E63DA83F56874CF140B3DE05C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">76D37077F850532294329FF714C8A5E838CA5093</td><td class=\"sbody-td\">26F52454F97BE9BCDD52B992272D6820E62479EAEDA0F60D953C9EFF5FF55DE5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">4D8274EFA81B59715C5306154E7C538ADD69B73D</td><td class=\"sbody-td\">E121B54C84E14CF2380F909A65CEF47EEFD0F2F0DF420B8D776D688CA2316212</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">3FF5FB761EF680CBF5663EBC8526CF816B78A422</td><td class=\"sbody-td\">6651F5A15548DAB0B169DB00578AE46113254181FCDFB2B42F05C2FCBFDB6EF4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">49271F1A17ECC761235C2CFCAA5BE7856B5C4043</td><td class=\"sbody-td\">92D40F9E72B15353730D3F3B2D0D3A2FD8D5D9EB88620285A4B8FFD6A6FDAAE8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">C6DA0ABC4A614D26FF789F6671E075C48DB4E921</td><td class=\"sbody-td\">99B503BFD5A6D7FB57A9F29868832FA2B4D3A3581775BCE9CC6292C6C63E3B91</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">55D7DF59F4120882746EDE0C88AE18FA13E2656E</td><td class=\"sbody-td\">F5F6BC7C6B3CE82DF64235DA3A384896A8AD7850BBEB2BD2C9BD6F0A79135AF6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">6341B3CC0D30E97C21F663EF2FF315461CF0D9F3</td><td class=\"sbody-td\">45E44ACD48E1BB1165D0429BB6DF6478C8286174972CD7E4A44FE8B97E0D81D4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">C2DE6F6D9F0C946221A561DD747F06986F1F80C2</td><td class=\"sbody-td\">29164695BAAFC26E99BD4363787D71CEB26F28857C069F5DB4C28B68E628759B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">BAEC609413E2B63036797B91DD83B3F846501AD1</td><td class=\"sbody-td\">895E73B1B7340D5F13AA9DE57A38E93B0473BFAC5623CF0962B0A9B066B0EBDC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">520E5F469C55468D990C4A9B45B58E9E00B4FC5C</td><td class=\"sbody-td\">1207CA4DC0C093EF0792B54BFB4BF0FAAAFB9BC407C3F0EE412DF6C4F4A4504B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">D0E1CEDDBFFD8A10B5EBAC568BB72241364453BA</td><td class=\"sbody-td\">0AF5DBC61D454601A4F9AECB5D979993B541DAAE11090C6A2A1A61C45D202B5E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">8D6B0D5B080328AC6D3ECADAC9524E1BDEDB9EE4</td><td class=\"sbody-td\">1855D9D549A714C38E29A6CA11798A1418A63AB4EB5B21D724D488C9E76D84F8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-rus.exe</td><td class=\"sbody-td\">CCA5558F2076326C1BAC2F682C920911729F42CA</td><td class=\"sbody-td\">4D1617A49D63ADE567105AEAAE495D76C42DF5A43313652D19B2649B931F3997</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-esn.exe</td><td class=\"sbody-td\">4EADFE9DB4C9AFF061D1FB8B6395C9C3E8B49CB4</td><td class=\"sbody-td\">CFD65D5D8B88794FA5528E51F59211AC06B989A7E7E2C81A37FBC807FF29AE4E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-kor.exe</td><td class=\"sbody-td\">CAA96AB4199B553A6CCF3417ECE6D21F08DC9BF6</td><td class=\"sbody-td\">2695A8C82629A82B181E2DC76363917F2E957D562B190A56D0A121696459338B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-chs.exe</td><td class=\"sbody-td\">AB615DE8CE915281A6175C4927D5896F05C9E86E</td><td class=\"sbody-td\">18061A35C113484614F568B4C2E6958EDC0201D73837139C05EB11A206FE6949</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-ita.exe</td><td class=\"sbody-td\">201A560747B730990976382944DAB6024289A960</td><td class=\"sbody-td\">9C926085D6DE959C34C0AA3BAB934924CDFCF2FA609D3FAEE90572036743FD71</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">D9291225462A9C95ECC24E4056A15A614425982D</td><td class=\"sbody-td\">FB9BC832EEA32D85188CC672F48F979C232A1126D7AB0294F470EDC0491BF4A9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">B0EDA1894F1C609437B4F43E82139F614B3E50B6</td><td class=\"sbody-td\">61A67DC529CE87B02BB7A3B7386CB2060DDCF5353F1A6692A3F66D4D84FADB3E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">75E54D51D1BA4F1DBA1D82B74DDADF407C24DC9B</td><td class=\"sbody-td\">4B77C626DF204B1B6995197226815D09F760B037DD149F3EB8CA1B29FAD518A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">F6127D77CADBA301CA658F7D28ADC0875E024234</td><td class=\"sbody-td\">7A89835EADEC0CBA1915B10D9D707E4C0AACD271E2A89CE54EA3CB1097FF64DE</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">324B4AD1ABFDCEE18641AA70D1AAB5E7419AC726</td><td class=\"sbody-td\">D8113983BBDAF953F1342C6933608F0993888BA64B83D60E70D85518696267C6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">6E944314F86522FEF44579A173847D2FB3C83406</td><td class=\"sbody-td\">CB143BB175E08D970079451393D6A5F3FED82D553A5ED2EB3717A2382806E1F7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">BE74802AE609DFFD2460DE61F54926151514C355</td><td class=\"sbody-td\">EC1D553C7FFBFF24397482E513194FAF2A8C6BD7B44EBF92005FFFF04C6ED1A4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.1-kb2699988-x86.msu</td><td class=\"sbody-td\">2820E2FD398378D2CF4B1EDDE7A086764438F7C2</td><td class=\"sbody-td\">E38929923CA479D817B0588EA62B325FF202F8F2524F3AA45145385F5AD4163D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">620B26312E3485E2B536834A82BA8963917D2CF7</td><td class=\"sbody-td\">7D92920B0474676BEF0C5B05A665F096DDF2EBBFECB208F24803527EC73AE13C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-enu.exe</td><td class=\"sbody-td\">E6B4684880C31EC6AED099BBE078E3425398A94D</td><td class=\"sbody-td\">B5C7B8ABC841536571889F7F3A1FAE6E4354191273DC4A5084853FE675C4EC96</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ell.exe</td><td class=\"sbody-td\">96CB74D23D25963E4F2782339D5412A0E782B189</td><td class=\"sbody-td\">543620A6EDF7E960F2CEDF9302603308F59A32B2F11A1CA8835E91C62FC38433</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-fra.exe</td><td class=\"sbody-td\">545987F11166DC04D0613D875A646DFEED9AB7D0</td><td class=\"sbody-td\">E77210B39D945DC9A38CC6900AE7EA2C82A8C92A70D65A9E857E7E315269EBAE</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ara.exe</td><td class=\"sbody-td\">F4D0F87ABF38FBF275392A3C9748A36E2CE13934</td><td class=\"sbody-td\">22C0CAD9536F3B9FC49CB44F3E6FDFAB26719905940F8826A461D25131685346</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-jpn.exe</td><td class=\"sbody-td\">56CFACA3F22B03B4F7A773A917CF999080276C77</td><td class=\"sbody-td\">CAF5FA8DC7161605CBC4908F568F77257E34C0236411D791F1E966815E01E81C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-deu.exe</td><td class=\"sbody-td\">35CF11BBC1A60606C2511904613F436FD05D269F</td><td class=\"sbody-td\">4D2E77852804C1DECB0EAD9367F1CDD4E485CA47B9F16767A3E04FA07AD558A8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-cht.exe</td><td class=\"sbody-td\">E120C08405EBC05D0552EF2C73DCC1854A72F739</td><td class=\"sbody-td\">F217F1013890839DDB8BE591D02DE0D906F073C341EF0B05C92CFDD30185C182</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-chs.exe</td><td class=\"sbody-td\">931A16D0BE4EE89C23759B95BEC85AFC3CA3B50D</td><td class=\"sbody-td\">1340DCE0BF2C88009034801835EC4B5FAB0B983CBD50CEA1171A9043583FCF24</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ptg.exe</td><td class=\"sbody-td\">82E6714C328D518A0FFC389FC5F0871A69368D5E</td><td class=\"sbody-td\">E3D03FF3C8FC90579FBBE1952C82C60838844DD5FB9B56C61F02A449B0E514D9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-trk.exe</td><td class=\"sbody-td\">77F654C7309DF235FD4F564F139FCB34D7B17440</td><td class=\"sbody-td\">7DB8389DB0D4E0BE1BF326E7520AB4FEF91F17F395E76B0F71BB9AF620039FFA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-kor.exe</td><td class=\"sbody-td\">11FB70381AEDCD7248CBF4D10384EB02516D2725</td><td class=\"sbody-td\">ABBE958725DC90FD8EAC57A8ACDB352C44147ED39FE9BD41B2082DAA548A6C0C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-dan.exe</td><td class=\"sbody-td\">1CCBA29C539D11940CDADB782A25438D3CA95812</td><td class=\"sbody-td\">3B71F651A417D30DD0568B6080FD1E4B66D30211BEC9EC6F24098F381F3607EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ptb.exe</td><td class=\"sbody-td\">B12214C90CDC27661538E758FD7CEE22A300DCE0</td><td class=\"sbody-td\">9E42CF3CEBF0E8E649031557E2447ADC831446FC282C1972FA7A62B7427C2D49</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-fin.exe</td><td class=\"sbody-td\">F23281BE655B1BC3C7E6B73254578C9EACD7EAFB</td><td class=\"sbody-td\">E345EB64527650446802AE99A939F391B5B88CD8FA5CBAC25D5A605989928562</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-sve.exe</td><td class=\"sbody-td\">E75AAC374D05F857F5F6A8A3883C8F94ABCB4706</td><td class=\"sbody-td\">98A1D235EB24F2744F2E91FEF3F391A3995B439B03C71888D10596EAD2E5BF7A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-csy.exe</td><td class=\"sbody-td\">C0022581F3A7E835DFFF778D7222A8879C2A048C</td><td class=\"sbody-td\">A8E2154B9EA8CF6543D6604D362F3168BD4AD09036775A38FBD0B3B5A67FB57E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-hun.exe</td><td class=\"sbody-td\">31A770BF7B72685937B601DEF801FCC930DA3007</td><td class=\"sbody-td\">66513AC64441CB431A706F664E8D340D0CC8D4ED1EEC7ACBFF05B3185D77D531</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-nld.exe</td><td class=\"sbody-td\">0A44861983618C137B45239871E508580E123748</td><td class=\"sbody-td\">1156B2987BD04288B820B17085A689E7B1295E03553EB7CC287A18C10E11E5B0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-nor.exe</td><td class=\"sbody-td\">FDB2F26CF765DC648B649D77F38092825E28A5DC</td><td class=\"sbody-td\">F996F642D9B8B1FC85BC10675120FAAD8C9589C16E5D0C7EB07B31D45B792AAC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-plk.exe</td><td class=\"sbody-td\">B99C2E9E77386EF15B2A6ACD157F95FDCEB6C37D</td><td class=\"sbody-td\">79D508446B5BDC84778FE7624D53BB6A01D21244EA512A0745B44A221286CC37</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-rus.exe</td><td class=\"sbody-td\">DA539EACC8E89D8F23AD9A36DB36C3C85DC4A231</td><td class=\"sbody-td\">726334A9E11ABA40946865C11E35A8802EE2C75EB28D33A0413E7EDB8F243810</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-esn.exe</td><td class=\"sbody-td\">F5FE8E0954B6009E1831D93FF9BACA4FFA94BAE0</td><td class=\"sbody-td\">36034FC50F85919EF95BD3F63C5620DF5D4287CEF370637080CED359CB3D10E9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">62359CE85561D32E7AE4F396957040AEA02321A2</td><td class=\"sbody-td\">3292E51A39A405849AD0BCE7A37C53A1246FDC41B8C56BC9CD2EB891D793D46F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">F2D3A09FAA78CF8C9CAEBE7191A5B37583BA65F9</td><td class=\"sbody-td\">DA315B176A3E9529B5DADD7A1DA425AFA39385BDE06DEC6DC251B523C1AFFC9F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">203AF738AC1E40B97B7F8A84EDEC61E0752F94BD</td><td class=\"sbody-td\">B3C64857417ABD69E663B14AD53717675BEF44C4C35CA6CDAACDB167B067EE7C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-dan.exe</td><td class=\"sbody-td\">CF811B052E3C05310095F13AF85BDD20A2CE4161</td><td class=\"sbody-td\">DB3FCB899BB59821C94BE6C35E347ECCDB8114635DC1E840217D64DBA755277A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">9EDC8536C6400958E30C80254131474247803EE3</td><td class=\"sbody-td\">2C07786B223FAA83EEDFAFDB02858310D8C21407384ADA94DF9E7CC0399AF534</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-fin.exe</td><td class=\"sbody-td\">486075C772D6425ECAC9AEF3C93BA16E69739B81</td><td class=\"sbody-td\">4AA219AF257A94A065D5F539E1EC43E11E1EDE09CD8DAD724F77140A55D8957B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">71E6715265E829F5BBB91C89293ED9005E35718F</td><td class=\"sbody-td\">6F428042F3A0A3618DFE5362C75FA76D03A171F5A5F3F021FA7E95A6B0ED53C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-heb.exe</td><td class=\"sbody-td\">C65ED3A6997FC339F887272341014024D863DB27</td><td class=\"sbody-td\">424E00A9CCCB8BDA79414D142C307671FCB247C677060FD26AFB83CE54492F06</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">337BA1A18E74AEC0E55F57BD09F4B6BFB33D3BEC</td><td class=\"sbody-td\">16C333555F05FBC2213A26421290A9868A17207E32CB7D98E621F556B8BD0441</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-nor.exe</td><td class=\"sbody-td\">00FF897A3CA089140C14CF41CB4D8EEBA54D192F</td><td class=\"sbody-td\">42EDB8FB4F6285864AAB6759583B9D6D0D16767F54ECE6B11DF7A15860248C80</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">7B21F73AADCC2529FD6968FECE22118503FBD17A</td><td class=\"sbody-td\">709D65B75F588FFB5FAF2B945705C11E482909436460AF3BDBBF34CCD1895034</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">B89C258E5212B6EA179D0F4668051927CCCD0B10</td><td class=\"sbody-td\">F7A3B08F77E85610F4531B397A3D7FAAEA91A5194A9DA2380EADA3F91F2CD56E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">A087F347C49B6E532A7F8A9A5D47E027E1FA4ABB</td><td class=\"sbody-td\">84A1C02AE0DBB9951BA6AE8488ABED944DB669F306ED4C0F6323E4B15F5B9DD4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">250178E27BEE432E81DFB0610A8E8FC704099FBC</td><td class=\"sbody-td\">96AEC5CFEAAB0C935AE875A7215A1A1D83AFAE1148FCF03E9EF1EEA3B02680CF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ara.exe</td><td class=\"sbody-td\">7047D0AAA08F52157D9F1192AAC7E56939FAE19E</td><td class=\"sbody-td\">07BAED225502C71E3EDE0CF0CC8DC4AACEDA778D8CCF945E932A36FC8ADD3992</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">8CFCD420CF20C2BB4B90D3F222F641725799499B</td><td class=\"sbody-td\">36C630DA013E0F7D01DC2FCBB8868DAC5EDF21D3B6FFC39E8809DB367E2EC945</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">A6A447F1DE44AFB6C14B7201E02B3D4B5417D755</td><td class=\"sbody-td\">ED408F573F26AED196E7B5E24693626F20257AD5FE4782C32371317041A56C3B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ell.exe</td><td class=\"sbody-td\">D4E033E4FB8433680667D82695FC7D9F4D7793EF</td><td class=\"sbody-td\">FA7D0F5E769F533F8F79759E6EBBC86CC734B9BDFE856E8057E1F8A8628311CB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">9CD9284453997F5944F1B973722E731FF76CEDC8</td><td class=\"sbody-td\">42126089607DB426446A8CCE05F5DB57D02F5902543DBAC35F39365DA7708BBA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">17B9A0B91B9ADB37E9B108FB8E1E3A9B07564D04</td><td class=\"sbody-td\">B24F51890C536BD0C383872EC748DA4008EB8A69B20CBFF624447ACFE7EEC3A0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">383C44586CDCE6A6028D78CA6E0D496AFD8DE783</td><td class=\"sbody-td\">F11FE6AE375E32EFD9AE1B1A88F901E2D1954E7651F3C7A674B16F0A6CB68EF7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">C272BC3937C0F61CD97F63B6BEB686BFBA976630</td><td class=\"sbody-td\">7CC02D2479F96D9FE543FA3770441B3E8E195A476CE539F14894CBF8DE8920A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">BF07E353DC1FB99248F3DEB42AA0134F526A4B58</td><td class=\"sbody-td\">3ECE27F0C28618E1696499C355A998464F7F355891F49740FE5C9279D4B79BDC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ita.exe</td><td class=\"sbody-td\">7CA97C8553705D5008CD7861C40CC37402DDBADB</td><td class=\"sbody-td\">C6D7937D45A0AE56C32BE5D7EA678292D48BCDA791E6D03F61C73C50A30555C8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-heb.exe</td><td class=\"sbody-td\">66DDF35E91D63DCF6465B42FFBFDE0391AFFBAB8</td><td class=\"sbody-td\">985AEC213560E5137EE356997540B11326CC8209193CEF52BD2E9909B77A9A2B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-enu.exe</td><td class=\"sbody-td\">4B54037D71B51DE5E40CEBDD74CBD92891C23EC2</td><td class=\"sbody-td\">EA7369ACBB1F4930F40D0CA9D790325C80703CC7C3990A5008882D4CC500C065</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-deu.exe</td><td class=\"sbody-td\">0F1552EAA72EC08131FF8522E04B249323D4AA0F</td><td class=\"sbody-td\">E2C074E9EE049F73AD523046E26DFB5EF95D168BDE3B21519C7B03A2B7F1FF55</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-chs.exe</td><td class=\"sbody-td\">58BEB55C699CD6F39E2E3FDEFC658B7196309D3A</td><td class=\"sbody-td\">E1C19E133332619AF31A852513077731A7C093D4A85A88A4C2543FC3C14484A8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-cht.exe</td><td class=\"sbody-td\">3FBFD6F2C3B9A3BDC3AE73439A4120D1957A3FE4</td><td class=\"sbody-td\">5A126A41B6409CA317A16200BBECFDF0448123963DF7C7BB00CCC43353DDDBD8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ell.exe</td><td class=\"sbody-td\">86A43D6105FC1A27C44BA64601F96262A2377643</td><td class=\"sbody-td\">ECA4215216700436EA1DF522A903B8ACAA09FBD0F4744338987C5740A8221233</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-fra.exe</td><td class=\"sbody-td\">CC34FFDB979DE35EAC6728FA092B8E23B64F3A50</td><td class=\"sbody-td\">C6566C046EC063BA9AAC19FC0183AF601B58F1BC4060DD871A6975C7C43F9EC3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ita.exe</td><td class=\"sbody-td\">0C78B3D3D0EDF32BA42FD345531910A6B281A57F</td><td class=\"sbody-td\">EEC81D39C3D75C185F5D2CAE7B03FD0F520417E7E65F233EF9F52C9861F24E6F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-jpn.exe</td><td class=\"sbody-td\">8B4A900F0C6D943E75C102F713CA2555474C1103</td><td class=\"sbody-td\">80376E7C2BC372D2FF5026EC679E22EC0F6F0F9D3377B458399635C10A3B603F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-kor.exe</td><td class=\"sbody-td\">869B077D8EFF61C4CA075EDCB76225EBE136F993</td><td class=\"sbody-td\">EABB035F20B2518B45607A84154CEB8716ACC7797D7E593A5948EAD7DA94D268</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ptg.exe</td><td class=\"sbody-td\">F73024C7AD43C1884F7A91DD899E3D6A974E34BB</td><td class=\"sbody-td\">64C326628BA01DD03C57A78C2C2AD0CD6002C1F0716D99DFC5D44B104AF06DEC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ara.exe</td><td class=\"sbody-td\">611DE842AC9F471A5EE46FD29C7702717CBFF8A7</td><td class=\"sbody-td\">CEC615BA53FCB3791976CEB26BAD4846A65DC26C644F29E7CDCCD9630DA6308E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-trk.exe</td><td class=\"sbody-td\">47077E225965D2245C4D49AADECD6FEEA79A6F27</td><td class=\"sbody-td\">9F7603A43F1CAC6E15B8C8457638F25299AC7828089855740E0F3CCB03901419</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-csy.exe</td><td class=\"sbody-td\">9E2F37DC2E148C19EA6FB455C54602429C3CF683</td><td class=\"sbody-td\">B66788F4BF62235451DE65AA1E49D3C0D7D35DD820CAE320A9B64EE5AABF3EFB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-dan.exe</td><td class=\"sbody-td\">20F2514D4E2C953B024650E9CEA4B35B682BCF6D</td><td class=\"sbody-td\">2BD68162D487AA2E70114000B0508FB9B1AEAD0EB9822895D377C8B38880DDC5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-heb.exe</td><td class=\"sbody-td\">65A0A789EB052734CB9F303C463AC74CA66FDF61</td><td class=\"sbody-td\">1BD09E9762984F150AB8FA738C4B4157FC69A8D515A5220749BAA20259ABC198</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-hun.exe</td><td class=\"sbody-td\">E2EA19AEB97950EC747D341A3DD2C111C8A7138E</td><td class=\"sbody-td\">A297C533ED4AF43378599279C251BB577FA6A576D4516211B36F733A204E5C44</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-plk.exe</td><td class=\"sbody-td\">A81FE41CCF416F78C2642B3A3C369002614C2CF6</td><td class=\"sbody-td\">6E1EFB3904CB480D221AE4D5E2DC1B2F22F727E9291047AD32473868E51A85EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-nld.exe</td><td class=\"sbody-td\">CDCDD0ACF4D68F57130C4D4186A1A6948E86E995</td><td class=\"sbody-td\">B08FBD28E9EB22DF2F36BDC339152E5F44E6C89B18B810A25E89C7A326299504</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-rus.exe</td><td class=\"sbody-td\">683968105F8910354B8D0449E5E93AAF47C9867E</td><td class=\"sbody-td\">E7259D5FFCA15E5D3676B7FEB810C9E8C75F42DE9B26BE81619F513C37B33066</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-sve.exe</td><td class=\"sbody-td\">5EA55E5B27D6F786B98343634B234F619FDE6698</td><td class=\"sbody-td\">E05EE9C76E8275DC5640645E543EF19AAEC6441EAFC30E0BD158EDA17508EDD5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-fin.exe</td><td class=\"sbody-td\">9390F00404DE57046C8C5729612D5D00EB5868C8</td><td class=\"sbody-td\">4979C4773DDA706DBD0F26CD583D6CE6C0A8E615C269EC1F284DF734F6ABA280</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-esn.exe</td><td class=\"sbody-td\">13D40A0E67AF1D9CAA41E5856153913B4C1446CE</td><td class=\"sbody-td\">706B585BBF2045B65D98FF79CB22477B137D96C2161214A2CA82772C2D9310D7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-nor.exe</td><td class=\"sbody-td\">E706400DA83F148690488B1E3486B08BBD46C57A</td><td class=\"sbody-td\">741130172D5839E9AF1D62F274253B68BC4E659EAFC4447EAC4C358C74EF309C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ptb.exe</td><td class=\"sbody-td\">B7966832F8670D9DC9E45B957E97B7E26F197384</td><td class=\"sbody-td\">4A7A5FB6D1D928536203C066C4A8407CBD682609EC7DB8B8E01C6AA2FB17369D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86-custom.msu</td><td class=\"sbody-td\">87F046BDE2485015FB54C21DD1A6FFC27B36FED9</td><td class=\"sbody-td\">73FD742B8343E233F91A332E9E1CD8A07C1D2AD2B0B9E761163D2CC4B24B1472</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">0B51AF449DD60451F5DB7187083796C19158500C</td><td class=\"sbody-td\">90AB41C5657DE4942A62E4D12D977C14059E38542028D4434AD951DA33D09E01</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-enu.exe</td><td class=\"sbody-td\">9BF292AF89FBBE09B92D0A2FD40E65E98B456D23</td><td class=\"sbody-td\">4A0C3CDFDBB102EBEC254FC57D867DA561F612809899EA0B211449CE03B62577</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-fra.exe</td><td class=\"sbody-td\">884A078B24E4A54A21E43FCBF40D40F8C0BC3AA3</td><td class=\"sbody-td\">D0C21CA28CFD902277AB0258FC72B8C6092018A06C1D69311EFC1563542A1A28</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-deu.exe</td><td class=\"sbody-td\">3206104956B57FE260DB42316F624406BDE9FA4D</td><td class=\"sbody-td\">73EDB297EA162F6E3C79BE864A6D6519A362B9559FA676F597F563DCB9959F9D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">A81616A7CE0D3B51099EAEDA61277341D4047E73</td><td class=\"sbody-td\">88EA3E11229A6194751E1A56A0812D2FEF568D2C67703EFE7766358BDFE43477</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">F411F9525D70DF6AB85C449451CD2BA3DDEB84AB</td><td class=\"sbody-td\">CA84FF5F07D1B552A822CB83BAF503E155CB99FC9CA390BC4E1E336C6621F540</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">5A33C1A072A2A08FCD239C3676B2CA8EA0218FE1</td><td class=\"sbody-td\">B2D83D61E274F9C647BE23B8214F166394FAD20297759495C45EB867619B862E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">B509651B6DEC8AD7EC2A8D4B01BBA292DF589AA7</td><td class=\"sbody-td\">1B39875899ECCE43FC97880453A72B96110706CE3255B774986D966400AC05AD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">AC1B97DCC522E7599A89321750F7517180FC9F08</td><td class=\"sbody-td\">422844F2EE87B996D4693762AEF8D4FCF3148DDC621B4CBB3202748BC1561016</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">EFC8E666C8E989901B4FF64A52C045FD35D30F8E</td><td class=\"sbody-td\">238590A1A8A1A0857376B57ADABC67B1B08B3C9C3271EDFAF37120A7F6AAA052</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">A24767B084E0C0613E270C951BB132572BE49031</td><td class=\"sbody-td\">1D8B3FE110C263A84B0F6BBD0CAEAD6B25519682E2307A3C8D65BF711B2AB88E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">627C747568C1E21CC2711693E8AABE9E0A5CE6EA</td><td class=\"sbody-td\">BF8F7D43626AE5BFD1E68B27A6A365DF9C044A14DCF7A2595E607CF1214B8DC1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-fin.exe</td><td class=\"sbody-td\">5AF8ED7189E1C3B35CDCF76AFDC2AAE8670E713B</td><td class=\"sbody-td\">4C17020A572988B01AEB7582BCB104EE0EB69CBA2F6852BBF507022AB1165172</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">B879485954774CFD5CF1B9892CBF8DAD5584BF95</td><td class=\"sbody-td\">60F1C6A4AAFA612E82E67F760BFDC0EF7CAAD7D7A039BC292F4E0EC40DF01405</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">AEA6E2F646268DE066B110472EC56618FD19F580</td><td class=\"sbody-td\">7E921E9100B967DECAE1E36F011B41F0DC0843AFFB7293224C1085BF19F46FD9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-heb.exe</td><td class=\"sbody-td\">A338ED9E9959B4C933CA5662F11D8B46BD4659A4</td><td class=\"sbody-td\">A65558846B6FFD7F5F949AA77A6994006FEF7BA7B5009C31D7E84B38CBDE2AD4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">22E4CD28A2A260A2328F988513230FBA30A0D29E</td><td class=\"sbody-td\">78A2F1C937101C09B15F18B22A82C8180D17DB5A9D5CE0E83CDAD945DB906B51</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">2C0FE3C0002A9A683157BE6E03127C7C993B5B88</td><td class=\"sbody-td\">5C0252FDA179573B266ABE1CA31AE8A20DB7AB3031FCC445D2A33E17DF54B14A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">1271C5343F3C1D5F9AEFBA0DA3E02EBEE89CF141</td><td class=\"sbody-td\">CAB5FD059EEF1E2582F1F9FE27F0423B9A6996B9A28BF43CF9B278AFA92F0D76</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">E6B4ACE0F24AF6DFE51CB6F42AD169F794CE967E</td><td class=\"sbody-td\">9B674CC1DCEF4EBEDE1F0135F27740562546C479C2A482501A6E2A9AB4E708B8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-nor.exe</td><td class=\"sbody-td\">24AF0D8820C4E915785D165F63148397C8F2277F</td><td class=\"sbody-td\">A639E65327BD89BE17D72EC50258248D09F40B6FDA0BBC5E34BFF71CB883C387</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">F6E4B876CF90C2DE18F59E51AF33B9D8E1A428AA</td><td class=\"sbody-td\">1195A57A4D6A56FFCDFA65E3534B7178D91BE2ECB97B62F903B7EB07D06A451B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-dan.exe</td><td class=\"sbody-td\">2E3C68C7A5FE0A597EDD5BE81A83C954729794E7</td><td class=\"sbody-td\">5459A7F7A8683249FD5D9F66C094A8B80EA7F9CA9058197AEFAE652D4EAEF647</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">547377A435002F398FBB4FE5B171B06401DFAEDF</td><td class=\"sbody-td\">9B5B3B95C25547F4E06DA645DF92A187D2E74E354A17AD3C123F1358342B1A92</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">7A3846DA2D63E81497E41D911678221E006DA4D6</td><td class=\"sbody-td\">AC33C7F7F4BDF265CC060E578CBB2274285AEE36370B292E1AC22CB14331BE12</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">3BB4449248FB21F0C653F80AF0E9E6B14F1A66AA</td><td class=\"sbody-td\">D5625D0636064ED40E42C4C220D3487D92DF726CE28469BE58BD1EF1B36E928C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ara.exe</td><td class=\"sbody-td\">50EF1C981FD9242598E8ED74EF283C73173B3701</td><td class=\"sbody-td\">EF50E1C339F4C2CC816600845D6569BF7023BD1BFD6D2ED44A95066F7CCC9554</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">91C217E1837A2CC757D1C0EAC8169A3BF4D9B430</td><td class=\"sbody-td\">C3D06C2BD604277CA518AFF758651C0571CD880B45436DEC972FCA457A0B3FCA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">C5954275F75D0A8D00A0082DF814342252F5E287</td><td class=\"sbody-td\">B2262D687B2229EC733350211B896043A37E3B2A7B6F88A05BE46C95F3423E8B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">412FE146E85D7ED2DFFC02B13743580B1229DE1D</td><td class=\"sbody-td\">3F135D9D4A6B056D42BEFDFFC4A157685DB1E1CE0D8C1BBAC220969C0C92BB18</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">3E26B00A9B993B3A2FCBF704A84F214F19960F86</td><td class=\"sbody-td\">16BF78D26D068DBD4F6D38DC64B7CA97A663E1633D58BD1EC71273B7CC1C6CC4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">77D39CEDB7A9DE60082A2452EA8643F67093ED2A</td><td class=\"sbody-td\">79843378318633F913626E8B68D175606C3C99B805124F0CDF4DA61780C18DD0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">3C4CA53D53CFB32790DC0EC81CA9E3109D10309A</td><td class=\"sbody-td\">FED6BB1DDC0EE120706F7D34BB0311223EF869120E43B2C63D7572716A2A8C3F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">3255B624EF7531FE0AB4AB804D274C1336CB749A</td><td class=\"sbody-td\">26E8D1B3EFCB6142530178E7A4DD10D66115F050DDD32C93423D12FB62C54C08</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ell.exe</td><td class=\"sbody-td\">9BDE62C34C5A31F717A95C257B5DAD53CE79A459</td><td class=\"sbody-td\">12C3F40E7FAD037400EA71E80ED5BC5B5CFB047E981FAE330D1B46171F37BE33</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">B67B100A68BFE5C18C48BEB99F34D5DF65B4FB1E</td><td class=\"sbody-td\">F068E9358E5AB3E2D812D550A3DFC4EE24C1D356E4C1686DA2D533A9A7974B7F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">3CD1A55606A0BC5D4AE58AF2C22869A9473AECE0</td><td class=\"sbody-td\">5869D94E1EA12E706018CAE16569DD7DFB273702813EA00825197ED57DAD9015</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">6F5B01D41FF6A9EBB00D40668321CD78BE6F896A</td><td class=\"sbody-td\">39B4936F0B257EE481074859FC79408DBB7181D300DD306B50FAD40BD48DD7CC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-fin.exe</td><td class=\"sbody-td\">EF87D8C33143C99124B729C7C303D0F46A90D3D5</td><td class=\"sbody-td\">BFE0D0EFC56BA4E571DFEC54E25165E4804BBE28085AEB47D3192D643C1F8555</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-dan.exe</td><td class=\"sbody-td\">C89A99CB92C3EED42021C891E65A5536B7732672</td><td class=\"sbody-td\">E507E6D84FA6901C9F683C32B01C84D52FA2C531E7574DCE03CE6124C81BAF67</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-heb.exe</td><td class=\"sbody-td\">9D6256F165B6987E68FBF3063CBA4D2063F0819F</td><td class=\"sbody-td\">7F3408538C43F3CCADD13EEC833B86A2196C94F5112C2D4154A680BF78D02541</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">514BC69C3C2A6615BCC6410C293E6B9BBF389313</td><td class=\"sbody-td\">7400B76A4AD3A67A28FA47F2C6CC2427EDFC1257232362C70AF60E0E5F4D6DD4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">E08874BE1C472C4F54830C3A89678DC7E31706C9</td><td class=\"sbody-td\">DB6239501C6374737B42ED389F576E4B9CC7B5AB925CF23225FE7237897BC67C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">B4FFB29252F43F0FF91A0EE26A563EAE99837828</td><td class=\"sbody-td\">02FD91DEECDD6EDB058BD4B498A8429ED2A19E919A324ACBC1A16223D52CC26B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-nor.exe</td><td class=\"sbody-td\">93669F99BBD3BDAC3F3C1D46C06C13FD17EF289A</td><td class=\"sbody-td\">EE01CFF57C560AC76E93794520CE4D983257B3D906F39E03FB7984E9A2A08635</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">5F60CADADC9024015ACD01D3D83CEB18CA8DE77E</td><td class=\"sbody-td\">A632F721C4E95D13D12791061E125600790D942F5E3FB54994E6499BDF64AE93</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">8A720D7DB6FD302169973BD7FBDA1744A20E607B</td><td class=\"sbody-td\">5E3AF1932818AF5BA49F9D2B41B3E3AEEE1C195600B3D3CDE0428FF081B6FB39</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">9E74B3098A9194A5B56CFC1DA1140654F21FE236</td><td class=\"sbody-td\">7561F39798A58CA17B7CE69EE8A10039C0BC085F7351085F7663A790BEFF2698</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ell.exe</td><td class=\"sbody-td\">C2E6782F96581A34A97A5923DF9B6E40F32AD472</td><td class=\"sbody-td\">AAEC8EE11ABD653753518E4CD70E468A83818D154AC6F145A7FF1FA63DFC4132</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">3C28E9CE3DE9FFC4BABB83109AD578B9B01C880D</td><td class=\"sbody-td\">76CFEDC57448FF3C4582059A9B78569C21F7B8AB7C4A35DB40DF516B02A1BC39</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-enu.exe</td><td class=\"sbody-td\">AAEDE07C9A94A51F39345F8B6C360AFFEF733237</td><td class=\"sbody-td\">F1DCA1495ADBEE9868458025E1BF7776465611A275571DD854AB6523B29D8DF6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-jpn.exe</td><td class=\"sbody-td\">A3C33B0AA97F7EEC668EF478E78EC8CD64526675</td><td class=\"sbody-td\">0DF85E4BCF4877CDCE577A6E32532471ABB23792C2CBC630821412B967259EE4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-fra.exe</td><td class=\"sbody-td\">3950B9E1C8BCE927EAF103C2FA26A0E87A2668E4</td><td class=\"sbody-td\">5400C1EFE2A011851186547EB8E88740CF5AB61C343C46993C17C2275BCF8318</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-ptb.exe</td><td class=\"sbody-td\">1929547CF2B0E91C9C4D284C026BF2CF6B7586E9</td><td class=\"sbody-td\">8653DEF834DC28CB1B329CED1310D01F0247FEA71BA1AB94AC32ABAFC85B13C4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-deu.exe</td><td class=\"sbody-td\">5AD34FEF0D2C5E654EB3D6F82BDD280FC45A6F07</td><td class=\"sbody-td\">5F5E29DD1D21DB01D6AFC0ED5145E6072C4194757D2D4E09F916856EFC489D47</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-esn.exe</td><td class=\"sbody-td\">EDAED3C394945A8DF6E10B242D21BA32239118E8</td><td class=\"sbody-td\">FD74A6C482F5212064E6110CD7CD551C6571EFF8BB9D79C796DFBDE18ACBC24A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-rus.exe</td><td class=\"sbody-td\">E0DCD4BE0FFF4EFCA99DB6ADC44628ECE39FA34D</td><td class=\"sbody-td\">D240ABC5547E06B31F20D05251B91C250CAEDFE516A145AEC8093B497B883EE2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-cht.exe</td><td class=\"sbody-td\">3BC88A1260723F1F0C209B974AF658BB9D79EF9D</td><td class=\"sbody-td\">12C15434D3CA0EE8470CF555D8552C6911C398550519B47807F6445B9858D595</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-chs.exe</td><td class=\"sbody-td\">CC1C44D836B3A15A1956D2205C9C2578071D1FCF</td><td class=\"sbody-td\">BEEBC6DD1224CBD12BE4A73913843C4238230D6304599BF9D43D89AA5165B7EB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-ita.exe</td><td class=\"sbody-td\">974C4A2F54136A475567C40F0F684443D2BF580D</td><td class=\"sbody-td\">CED5DB368461BAE1AD9847C75A78B2433618B37FE0D9D9F6264CD2F9F4F3C743</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-kor.exe</td><td class=\"sbody-td\">7AD0EBA699293346BAB941039106564F8BBAB56F</td><td class=\"sbody-td\">2AD67406E693D37C371C90BC52E8366E9B236F1803D54D46B4F36E664E53D41F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-enu.exe</td><td class=\"sbody-td\">5439BA7C52F41037933ADD77D0E31A4FBF2D3822</td><td class=\"sbody-td\">B18DD013FC18980FEB3B8E4B15F3110FABF49AE131E1CBB326472A0B39E5DA4A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-jpn.exe</td><td class=\"sbody-td\">F91190A7DDC0531B655D853E8E0E99004CF2CE1A</td><td class=\"sbody-td\">4970F2751812E0630967A83D994BC032F3FAAAFB160D39066FE796E4101283EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-fra.exe</td><td class=\"sbody-td\">BF065F6B9B51B77E4FEF9BCC7B5A35F3503D10D0</td><td class=\"sbody-td\">E308E747860F32F54EE27C4E4E7F815B5D4F10E3FDFDD522367285921C8F0006</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-ptb.exe</td><td class=\"sbody-td\">B3A3B01E928556054772BDEDF8063CE2AEB93855</td><td class=\"sbody-td\">2C9BC8CCEAE2701B66BDC44817487E1B2ED905F16775D77633A66807ED7F33BA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">13F7596C84BF670D60899F2BFB35D70F05E0A455</td><td class=\"sbody-td\">BCBA4EB440BA927C6C4F720F1E72F764A80EE852FBE9F7408B02E65874A3A849</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">CE1F3BE52044FA452D280974DB8EC882194608DB</td><td class=\"sbody-td\">9C2FAAB8AE48FA227A4610D329CE6B6412FBC33B1FB46603C9F2EAE615DDA277</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">022C01255EE447DC8BE60340B92C8E377DC98853</td><td class=\"sbody-td\">0C7B8A40EA8E232EAE2EA3D4C02DAD958369B78F2F67DD08336EA9B9DC277024</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">CDB1CD79DC73E8D01D2224608A078226155DE24A</td><td class=\"sbody-td\">29F6065AC9371AA96A49AD35EEA06FFC89FF770CEF6BD5A08996ABDE0FF040F2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">B8E0E423B30D465EE158B6349A078281D9BC450C</td><td class=\"sbody-td\">DF7DDAECAEE84E39F119FB8B0E3785179F344285FC7E0AE249662A9AE8079399</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">892351AE6CCC131B871594E756B750394E4CB31C</td><td class=\"sbody-td\">5EA1D3FE5226B8AE22A9FCAB3DA7C7BF3579BE785EC0161A203C908ACFA6972B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">363D06E868BCAFB0F7D9A20621D93D5E9DB11DFD</td><td class=\"sbody-td\">5B72C49DA9845A0AB9C6C660ACCFD3944A2D2231C5277AE85B5C1E011AC48051</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">2EBF5A591631CDA8D903C7A777E225C4D9D2A43D</td><td class=\"sbody-td\">E3C5F8ADA5852273DD53BFF1B7C21A645C26FE2F7436803A4569D3E5C5BD24C9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">713C56ED3A072A617A538532AD39E1E8CB6678A8</td><td class=\"sbody-td\">DF4A593960D29D1EE20696C73B1E72E0E717679B25CA4DE02181D3713DA4D541</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">81BE80A10277177FE4F3487E92906F8AA81D7AC2</td><td class=\"sbody-td\">B65CA0340C846863E88E493DF9F88540CB82016B2AA43B9555F1C418DF0DE5D7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">92C023E0B30D5E95FAE3B7C716598C3F886A66C5</td><td class=\"sbody-td\">FDD734CF4E87C9A92B350A35955B9999FE45EBF658E58F865A8B763BA8A1F07A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">41F71CF7DFAD46396DAB99BE8A92D76B3BFCD526</td><td class=\"sbody-td\">3B87CC03BD142E54C13F995C7343886798228F7D3053097CB211E1008CBDEC81</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">FC47B501926263E1DB4B448E173F751FD599F4B2</td><td class=\"sbody-td\">C54FB2D9B2FC0C1BA4BDF840E9B400D130692DA37C9044BFB99EC27D970DC5E3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">3776561E2520FAD7090ED5B8DB470FA4C3B5DF82</td><td class=\"sbody-td\">3A25E0A1BF6C2B334696C38F8758F386BF4CE4534A3A4DB09FB489B82272A717</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">BCB7C5FC4FBAD5821801F17569CF19A99D981950</td><td class=\"sbody-td\">C0B21D753DC6E541E55CD5AE77E904A67FCCB1020E3B55C8F9CFB3870E1E6CA7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">114319A4920BF07A3D4F6B377DE4D34D4BFC36FC</td><td class=\"sbody-td\">5C34EFF1D3AAC2861327EE08829960DD59DF50864AB89F72D32B2B63130693EC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-enu.exe</td><td class=\"sbody-td\">37BF6B94B5717FC27C264A3A6D2925D38C7B00CB</td><td class=\"sbody-td\">B92BB6D9F9D41F9843EFB4A7AF8067100F98C5F81A446D7CEC370A4F02BEAC7D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-csy.exe</td><td class=\"sbody-td\">0B3E9B63CEA006705FF2E76C971750B5950B8473</td><td class=\"sbody-td\">9A04372C3049D337DE864953C61469B4F5442C94725071BADA5FDCADD5B1D63A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-dan.exe</td><td class=\"sbody-td\">D617FE6600B6987F7B4529BB08619CC0CBD9A881</td><td class=\"sbody-td\">F615C546565DC695FBC4012067039B878EF9773D61C12C15C0CE22295764D152</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-fin.exe</td><td class=\"sbody-td\">D1B4FDD35B0B7268E6CF71FB8F1F0D5F0FC928CC</td><td class=\"sbody-td\">7C9507D8ACAD13198C36685A33ADAB27BDF2A52B54FE29E91692E7A08FA6E36D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-nld.exe</td><td class=\"sbody-td\">0EB3B7ECBC965E68EBED417995F2CAF0EF60BBAB</td><td class=\"sbody-td\">3EA01E2FDFA879BFEEBEF55DEA905A439D5031151C3D00CF8237AB166CFB80E2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-heb.exe</td><td class=\"sbody-td\">F05F5DEB2AEDA0693B0F54B04ACD724D4E5858CC</td><td class=\"sbody-td\">092FDF7238EAED170768E29342C4666A4B5DA63A79F4A860BFE6AFAA7ECB10A2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ptb.exe</td><td class=\"sbody-td\">B89E033A05B1B276659AF08339A2639126917059</td><td class=\"sbody-td\">CA0B250BACC45006E81A9D797A0A75E2DAF58D36C11A0082103717C356A40A44</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-sve.exe</td><td class=\"sbody-td\">990FAC7E7B8B6BBAD2B71C86796D08F3941F8AFE</td><td class=\"sbody-td\">3B117F63F67DE5F94D363F75F479B6CB51E11D933C0BAEB826C8E6BB60DEDD02</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-nor.exe</td><td class=\"sbody-td\">776FDD3599BE07D1803A55DD34960CA3312B4C3A</td><td class=\"sbody-td\">E23138CEC571877B91952A23FD352259D4BA378400C693B06D128D1B32AB7811</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-esn.exe</td><td class=\"sbody-td\">B2037A19F2319B5D5C1F1FC7B44A073D6B6B9CBC</td><td class=\"sbody-td\">F594F08355A5F2CBBCA6FE898CF7F4632FC69D875CC0688F047A1EA33F653233</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-rus.exe</td><td class=\"sbody-td\">7CA2B440829750044DCC41058FDFA9F9EE194D6A</td><td class=\"sbody-td\">0C468C88EF3306CF2B9D9B59A88594B8F390D70E833B54CAC8D0E5862422F662</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-chs.exe</td><td class=\"sbody-td\">B73B6C5C39CF8699152DBA43E66252F915784CAE</td><td class=\"sbody-td\">D0C3F66E04761FB7133FE7E0B09F9D0E487109E9AEF3E8E1ED34614474321D1B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ell.exe</td><td class=\"sbody-td\">31C5426B7CEB54525BB38F81CEDA39CC3C204A75</td><td class=\"sbody-td\">D75A254D15524C47E8354AF7A5C34AA0170A6C0017D938B6D089226F13123386</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ptg.exe</td><td class=\"sbody-td\">B9CC37983CC37B5132AEE1ADF9F16DBA73F09EC2</td><td class=\"sbody-td\">67EC3E4DD2DABB11E970580013BF4B8F94239FEF0D7D68C1D5044679F49762C9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-kor.exe</td><td class=\"sbody-td\">5FE1D21C80B35EC677DAAE6A4A305624551100DB</td><td class=\"sbody-td\">A68E09F4186706CC3F7455008CEC48B3EFCA9DAE78391DDC39C22DCD0BDCBC0A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-trk.exe</td><td class=\"sbody-td\">2B1ED70B291D8F04F002384015EC02D5F70D1CC7</td><td class=\"sbody-td\">320B64857687ACF3AAAC47B499EA401B4CDEA179918AD876C47B0D1CC2D5B440</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-jpn.exe</td><td class=\"sbody-td\">F1127E0A55D14DBAF720BA6E0232DD8D21750633</td><td class=\"sbody-td\">70A812DE2FA438B4573FF1DCCFE9E9F5C7B6857DF5A3314415A56AB76071F709</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ita.exe</td><td class=\"sbody-td\">7C5E13285247BAA521D4378E90B321EB937F9DDC</td><td class=\"sbody-td\">15B17995D2C2730D8C77B8212B55E7A4011FAA3D3050251DBB964BEDF5F61872</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-fra.exe</td><td class=\"sbody-td\">74A903B9C7FD88E04253CDF90B3B7E64AAC95538</td><td class=\"sbody-td\">84F44D1287EC7FB79946930D2F57CC30A84B621041A2C15A4C18DD11E8717B5B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">2396DD3C9709515D323A6A44068A305E5EC6C903</td><td class=\"sbody-td\">EF238010DA1B6506156CD53A78CB56CEB7F45D56E10BF18A80CFFE8CC2FD8C5B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">71EA345B4C2CE76EDFDDAB0A4FA997851D17D912</td><td class=\"sbody-td\">EF45C563AD16E80501FAA74965A3243E6D402E69CB66DC784FA9FAEEE9DA2103</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">9D75245CF72C1A3B58215AB1E67A671B1B8ED599</td><td class=\"sbody-td\">C8628577DBF8E734735020D143D6628ED038B1A398499ECBD032634B08779365</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">7CD990D067B049C7E759D267128FE391D7C56153</td><td class=\"sbody-td\">7067985EE455E4918A1BB8A5A05041709C69567D1EDB81EF8B1C5EB8FD77FA8E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">6AF6F0836E82C9B49603D7C4DFB558D9812521DF</td><td class=\"sbody-td\">F6D346AF76593CAAEA366565F4E2C73C70E3F4C13D571EBF62FC7D91463544FD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-deu.exe</td><td class=\"sbody-td\">A07152D2384F3C927E2F004AD60609F362B152CC</td><td class=\"sbody-td\">6B43358A64DAD4443F9F2A99E7E6196862504F00D3F50852F9479FA4353853E2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-cht.exe</td><td class=\"sbody-td\">36A6E4F3E77A2F0CBBD4EB56332F3437E35ABAD6</td><td class=\"sbody-td\">314ED06BCA772C28DB45F4242A12A0879EE04068EF2661DB07884464D394AAC0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-enu.exe</td><td class=\"sbody-td\">C781F86FB6CDB7A38C70FCB36EB496812AAAFB36</td><td class=\"sbody-td\">916C3BE4E7FED7397E658D425D00A4436D81B69F2F552F03EC42AC750B6CB619</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-jpn.exe</td><td class=\"sbody-td\">680F5B978A9FE583E12358885700AB90B52E718B</td><td class=\"sbody-td\">15EB52836E07BD39842F59F63EEAE84C728DE24E572C27E2018C8B083FCE382E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">90F162A98D9FA5AF70B21A79216B8AC9AC18AC02</td><td class=\"sbody-td\">DB206FDF459DB0F02903A41388A578401A3E59EF9204BE4AC51B3808B1278557</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-jpn.exe</td><td class=\"sbody-td\">044D96A548A7955777280B4AE6127EB688D2AAE6</td><td class=\"sbody-td\">54905D038CAC48EF0EC4454154809A12EDD7C98776B6718D533C843CCC25F85A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.1-kb2699988-x64.msu</td><td class=\"sbody-td\">EF4438C952B2EF46C90AD963097E94C6C7C1397E</td><td class=\"sbody-td\">A17B4D1BC6EE60684A98B7A93C6FBC87EE7AAA6691E7610498AAF516E6E7409B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">C366FA06288B975FF43661D2BD2B68589DDA3C4B</td><td class=\"sbody-td\">CE8859FB6AD173F1DE957B756D3FD9DB19A556A1BF1C536FA59C0E6A86B38A97</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.1-kb2699988-x64.msu</td><td class=\"sbody-td\">5E9BD26B8D993D64CD0EE8B352E4207305ABCEDB</td><td class=\"sbody-td\">06DDA505893EEBA66592CCB0CDA819FC09468540B79DE5661309BE4280913766</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">66EE6EA480E4126D2AE7BDB22C859B0DA86F8197</td><td class=\"sbody-td\">C5D2B28E604456CD0CC7ADC90D493844EE171754116B8D61A8844AC01DE5C03C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">58763032E00AB7569060059908CBE87F3BB15F79</td><td class=\"sbody-td\">1CEB696BB948A50D000BF7FE64B8F450EDC7A567F09B489896B403B7FAE3A8B2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">32E33B7CB074F07A708C1909E2624B5D4DB5B9DB</td><td class=\"sbody-td\">C8F736140C4D13EAC05750CF2C547BE99435B9258A873B9E991C3F4C571FF3DA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">163E6E6CE4ED4F188DA8AD01B322E8CD01890730</td><td class=\"sbody-td\">C93CD88822D018E33A6DB19A38DE02621F81F6EAE84D8FA87C0AD1C2C1640035</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">675E8EA8BE7553CD9B356B45A3E95A9A5A5D923E</td><td class=\"sbody-td\">1195EF4BC93807345132B68411EB528E3A3EF9808724A733E24A89F6AF116CF7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">7A113713B6A45E6F9FCC34110FC3B33FFFB85383</td><td class=\"sbody-td\">C8BF8FBFAD188CB4EA95DABC1C101CDF09410762B278F2005CC2B05201C9BE1E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">19E54BDD358FBBE4BD6A295D0E0BA4A93823261F</td><td class=\"sbody-td\">415CA80DFFE01EEDF2DEEFA1267E521D35FFD43C58068875F519FF84945ACA57</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">3DB7E2951BF981EA504AF81D931689605CF902C4</td><td class=\"sbody-td\">FC24D5CFB71ADAD51E9FA0C03369D35F4988CE7D177AA53EC93161A3F7B9FB16</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">0809AFCF5DD5AD4F798FE5B4509ADCB0402FA44D</td><td class=\"sbody-td\">42BF87A8D9F36DF245E9E1A4292847F961225037E91F48099ED447DD49946AFF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">368FD918F0FD71D650187920AFFD527733C0DB49</td><td class=\"sbody-td\">410FCC4E76B0737B8EC93BFA8D024D41969BA1F884DC60B3621AF3DCF3F0EE86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">4C755DCFD9542690CE30FA1C1968D335E1C9A75C</td><td class=\"sbody-td\">8EFEDFF8B8F3FBD171420A3E41D293A3CD87B317E5B06DF8E4887F2720634F9F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-deu.exe</td><td class=\"sbody-td\">AEA53C4D6A02093F9D5D651682B3CB579780B71D</td><td class=\"sbody-td\">11D4D77DA11D9623FA3907943FAD97E2C12DE4A29EB57E2F8C62A860A3FC526A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-ptb.exe</td><td class=\"sbody-td\">C5DE9289C0AAEB011F70734C0F9DFF2D4FE7F1A2</td><td class=\"sbody-td\">DE0F0602E3721E42867A41A4091302780E3724B2A3014B4BD215651CC90610AC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-fra.exe</td><td class=\"sbody-td\">028C6234805DC697C74AC87BF5E190BCFCC9DBBB</td><td class=\"sbody-td\">F542CBAD554C4AD231DE6EF0210DF7B9B5F00974A32F1C33F81240C1932544EB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-cht.exe</td><td class=\"sbody-td\">8B4E63BA4900116D2227F88183FF494BC06E9D45</td><td class=\"sbody-td\">4090137752AD08F62916E2A6FA7C9E661FDB3537C14F785194B89AFC0FCB2334</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-esn.exe</td><td class=\"sbody-td\">107D9F72134E1FF575FAE9ED16B60B36647C25EB</td><td class=\"sbody-td\">4A1046C48D29A513334BE91B76D690E9718B9E2DE1CD16D65DB0B2E25046B608</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-rus.exe</td><td class=\"sbody-td\">6F2B39C9AF06A72E724241A719D06857BBFBAA8D</td><td class=\"sbody-td\">9A44D9A71188C5E4271EF8EEB14122BA6A425E99133738230F749CA960D4B48B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-chs.exe</td><td class=\"sbody-td\">B0D54D1DA00ACB42FB3C0FF81B8048B2BCD50AF4</td><td class=\"sbody-td\">F904BDD9E1269B6618D78261F932FA9B4266DA74D8D35AC936944529BF4087A9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-kor.exe</td><td class=\"sbody-td\">BB9E3614A4A3E572F080469259B00C4B18876A91</td><td class=\"sbody-td\">0554173C3BA7F0B9B283DDB97491A5A005DA07939D5CB8596867CEA3BDE55C09</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-ita.exe</td><td class=\"sbody-td\">E980F6D8C67C815CB4A13F90FE9B95236C155D44</td><td class=\"sbody-td\">6725573CAE445A150E98817ADA75396AD5A87A932B8BF0F50E4A8FD50E41F7D0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-enu.exe</td><td class=\"sbody-td\">0184DDB117FBA7995BA952CBC13474CBF7960913</td><td class=\"sbody-td\">370A76B4AF1EDE8DFC7DEFF22FFF27A7D506A789F2E92FC98CB6F4A02F54BD9B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-deu.exe</td><td class=\"sbody-td\">0FFB1E1F646FCD08168CA53FDE9FAD82F9870610</td><td class=\"sbody-td\">949C1CF4F4B7569BC58C62764295A1E3F0962C6DA0CD336BA1199B7F66AB5B26</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-jpn.exe</td><td class=\"sbody-td\">E2D113A096E2EA9B8A743179CD2FD2FACF273C2B</td><td class=\"sbody-td\">E8BB0EB8F73DFA7B3A84A9869CBE69B9ECC942F4CB3BDB1EE26C99D1F4C26116</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-fra.exe</td><td class=\"sbody-td\">F30CC7836C069322A5FB6FB044A0A44BE20B8209</td><td class=\"sbody-td\">A9FD42F7BBEC37C75172473795CC0B7D1A3A2946BE67689D69EEC31FD537E303</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">FF645B69FB06C8A18709B9840E0C7B0608BCFE04</td><td class=\"sbody-td\">223B5749BECBCADA6E4B4B6F39B5CEFF3F5D8429468077CC1DA219E27ED88573</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ara.exe</td><td class=\"sbody-td\">B48AD2EA8AD544ADF1B769560B66D9C6681E03C1</td><td class=\"sbody-td\">EC1486C6E6F6B8F00C98AD584D5DA73B485E9362B6BC123667AB8992E26E25BF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">F6042848D82ABD64A02446964EE7C665E7994A7B</td><td class=\"sbody-td\">B208D9E76562EFB04AD93B1C215AE72BE7A0D195F79579F6D3601AF09E2CA766</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">7583ED693D1938572073EE8393BD9330A6DC2B8A</td><td class=\"sbody-td\">49E1BF303EFB221E531300A4EF32A42533DEFC7B03FE89144FEE6AD8494A8603</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">6A880E2D1AEEBDDC921BBF97EC61CF3670A52CC0</td><td class=\"sbody-td\">A88C6B635C475BE0377FAC5E02E94A2035075E8DBED4A01DDBF568C5A97F58A2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">5ED4D92C574800D725817E29E70676BFD890E959</td><td class=\"sbody-td\">7DBD1B8F44A620533EFAB48A7088BA71BB5A6FFCE084C15E950BA085F95376EB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.1-kb2699988-x86.msu</td><td class=\"sbody-td\">EFBD38FFFCBD41D42565FBB2B5C81A7C6D481702</td><td class=\"sbody-td\">941F302F5A001E8B3FF8C30D6432B52F904DC35144EB7A01BD2D6B6BB6D50F05</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-hun.exe</td><td class=\"sbody-td\">69FE2E4BDAB981ABEC1835920574F4232333A60C</td><td class=\"sbody-td\">1B6E95EB67518AB0A29E42C9CA865DB35F7D8AE928594002E39EE3DBCCB62D2D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-plk.exe</td><td class=\"sbody-td\">880BAA435CC75F813ED336F2A2CD79A47EE816DC</td><td class=\"sbody-td\">28F88822D3573C39DDC1840CC74FEFC7F25FBBB826DF7256AB9B2B486C32EE9C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ara.exe</td><td class=\"sbody-td\">2DD679D6DD90B0E9DAAB849E8C0323F206387C58</td><td class=\"sbody-td\">95628E28AE52312CB60336D944C7450799323CB1EA7E9E1E049FCDF1F77D1404</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-cht.exe</td><td class=\"sbody-td\">19AE7498A0D539EEAA5E2A8F2D28277B22E856C8</td><td class=\"sbody-td\">D10912B18159C8B7F2020F45DBE151EDD1C6E4C993FDAFC2BBF50DDE0B61C365</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-deu.exe</td><td class=\"sbody-td\">1A76EA27842C198D817CFD55843015D0DE559DF6</td><td class=\"sbody-td\">D3BA1973BB786B482BBECA33C04349A017A7E4E8A060369AD7AF2DE73544B808</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64-custom.msu</td><td class=\"sbody-td\">75684F371AFF3CF1447A8CFB1E216060CE4EC7C7</td><td class=\"sbody-td\">0FF51FB9C7F23B421945D9BFFC60B1BE931B98E268206352586B391DF0E3B607</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">AA13BEE8A823317B7ACEB466607F367387B5BCD5</td><td class=\"sbody-td\">C68187086AD80289FB7382950C8C997F659C69BE65884E17D293182270058DBC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">FA89FAEA099735E482318B8140262F201D3905C8</td><td class=\"sbody-td\">46AF8E91EBBBCCEDA0783395792B1A0B13DB1DBAED84EEFDD0614F011D003AAB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64-custom.msu</td><td class=\"sbody-td\">98D65BE591213EA09F5F0175BDA8087D46C397DA</td><td class=\"sbody-td\">F6EB40B592B9CF69023258612F355B5EACE3EAB3FE24501E2DD04507BB97DC3D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86-custom.msu</td><td class=\"sbody-td\">BF57BE47A45B77D4DC8B5400065870FD7A46A466</td><td class=\"sbody-td\">F167531A7F5DC8A5BD213D905E7168F0DB9649A2CCF44E819725A0023B902FD6</td></tr></table></div><h3 class=\"sbody-h3\">How to determine whether you are running a 32-bit or a 64-bit edition of Windows<br/></h3>If you are not sure which version of Windows that you are running or whether it is a 32-bit version or 64-bit version, open System Information (Msinfo32.exe), and review the value that is listed for <strong class=\"uiterm\">System Type</strong>. To do this, follow these steps:<br/><ol class=\"sbody-num_list\"><li>Click <strong class=\"uiterm\">Start</strong>, and then click <strong class=\"uiterm\">Run</strong>, or click <strong class=\"uiterm\">Start Search</strong>. </li><li>Type <strong class=\"uiterm\">msinfo32.exe</strong> and then press ENTER. </li><li>In <strong class=\"uiterm\">System Information</strong>, review the value for <strong class=\"uiterm\">System Type</strong>.<br/><ul class=\"sbody-free_list\"><li>For 32-bit editions of Windows, the <strong class=\"uiterm\">System Type</strong> value is <strong class=\"uiterm\">x86-based PC</strong>. </li><li>For 64-bit editions of Windows, the <strong class=\"uiterm\">System Type</strong> value is <strong class=\"uiterm\">x64-based PC</strong>. </li></ul></li></ol><span>For more information about how to determine whether you are running a 32-bit or 64-bit edition of Windows, click the following article number to view the article in the Microsoft Knowledge Base:<br/><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/827218\" id=\"kb-link-27\">827218 </a>How to determine whether a computer is running a 32-bit version or a 64-bit version of the Windows operating system<br/></div></span></div></body></html>", "edition": 2, "cvss3": {}, "published": "2012-06-12T00:00:00", "type": "mskb", "title": "MS12-037: Cumulative Security Update for Internet Explorer: June 12, 2012", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2012-07-11T22:57:36", "id": "KB2699988", "href": "https://support.microsoft.com/en-us/help/2699988/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-05-19T17:41:45", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS12-050.", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1862", "CVE-2012-1858", "CVE-2012-1863", "CVE-2012-1861", "CVE-2012-1860", "CVE-2012-1859"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310902847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902847", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902847\");\n script_version(\"2020-05-15T08:09:24+0000\");\n script_bugtraq_id(53842, 54312, 54313, 54314, 54315, 54316);\n script_cve_id(\"CVE-2012-1858\", \"CVE-2012-1859\", \"CVE-2012-1860\", \"CVE-2012-1861\",\n \"CVE-2012-1862\", \"CVE-2012-1863\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 08:09:24 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-07-11 11:11:11 +0530 (Wed, 11 Jul 2012)\");\n script_name(\"Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1027232\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-050\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\", \"gb_ms_sharepoint_sever_n_foundation_detect.nasl\", \"secpod_office_products_version_900032.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an attacker to bypass certain security\n restrictions and conduct cross-site scripting and spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft InfoPath 2010\n\n - Microsoft Groove Server 2010\n\n - Microsoft Office Web Apps 2010\n\n - Microsoft SharePoint Server 2010\n\n - Microsoft SharePoint Foundation 2010\n\n - Microsoft InfoPath 2007 Service Pack 2\n\n - Microsoft InfoPath 2007 Service Pack 3\n\n - Microsoft InfoPath 2010 Service Pack 1\n\n - Microsoft Groove Server 2010 Service Pack 1\n\n - Microsoft Office Web Apps 2010 Service Pack 1\n\n - Microsoft SharePoint Server 2010 Service Pack 1\n\n - Microsoft SharePoint Foundation 2010 Service Pack 1\n\n - Microsoft Office SharePoint Server 2007 Service Pack 2\n\n - Microsoft Office SharePoint Server 2007 Service Pack 3\n\n - Microsoft Windows SharePoint Services 3.0 Service Pack 2\");\n\n script_tag(name:\"insight\", value:\"- Certain input is not properly sanitised in the 'SafeHTML' API before being\n returned to the user.\n\n - Certain unspecified input is not properly sanitised in scriptresx.ashx\n before being returned to the user. This can be exploited to execute\n arbitrary HTML and script code in a user's browser session in context of\n an affected site.\n\n - An error when validating search scope permissions can be exploited to view\n or modify another user's search scope.\n\n - Certain unspecified input associated with a username is not properly\n sanitised before being returned to the user. This can be exploited to\n execute arbitrary HTML and script code in a user's browser session in\n context of an affected site.\n\n - Certain unspecified input associated with a URL is not properly verified\n before being used to redirect users. This can be exploited to redirect a\n user to an arbitrary website.\n\n - Certain unspecified input associated with a reflected list parameter is\n not properly sanitised before being returned to the user. This can be\n exploited to execute arbitrary HTML and script code in a user's browser\n session in context of an affected site.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS12-050.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## InfoPath 2007 and InfoPath 2010\nkeys = make_list(\"SOFTWARE\\Microsoft\\Office\\12.0\\InfoPath\\InstallRoot\",\n \"SOFTWARE\\Microsoft\\Office\\14.0\\InfoPath\\InstallRoot\");\nforeach key(keys)\n{\n if(registry_key_exists(key:key))\n {\n infoPath = registry_get_sz(key:key, item:\"Path\");\n\n if(infoPath)\n {\n exeVer = fetch_file_version(sysPath:infoPath, file_name:\"Infopath.Exe\");\n dllVer = fetch_file_version(sysPath:infoPath, file_name:\"Ipeditor.dll\");\n if((exeVer &&\n (version_in_range(version:exeVer, test_version:\"12.0\", test_version2:\"12.0.6661.4999\") ||\n version_in_range(version:exeVer, test_version:\"14.0\", test_version2:\"14.0.6120.4999\"))) ||\n (dllVer &&\n (version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6661.4999\") ||\n version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6120.4999\"))))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\n## Microsoft Groove 2010\nexeVer = get_kb_item(\"SMB/Office/Groove/Version\");\nif(exeVer && exeVer =~ \"^14\\.\")\n{\n key = \"SOFTWARE\\Microsoft\\Office Server\\14.0\\Groove\";\n if(registry_key_exists(key:key))\n {\n dllPath = registry_get_sz(key:key, item:\"EMSInstallDir\");\n if(dllPath)\n {\n dllVer = fetch_file_version(sysPath:dllPath, file_name:\"groovems.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6116.4999\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\ncpe_list = make_list(\"cpe:/a:microsoft:sharepoint_server\", \"cpe:/a:microsoft:sharepoint_foundation\", \"cpe:/a:microsoft:sharepoint_services\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\ncpe = infos[\"cpe\"];\n\n## SharePoint Server 2007 and 2010\nif(\"cpe:/a:microsoft:sharepoint_server\" >< cpe)\n{\n ## SharePoint Server 2007 Service Pack 2 (coreserver)\n if(vers =~ \"^12\\.\"){\n key = \"SOFTWARE\\Microsoft\\Office Server\\12.0\";\n file = \"Microsoft.sharepoint.publishing.dll\";\n }\n\n ## SharePoint Server 2010 (wosrv)\n else if(vers =~ \"^14\\.\"){\n key = \"SOFTWARE\\Microsoft\\Office Server\\14.0\";\n file = \"Microsoft.office.server.native.dll\";\n }\n\n if(key && registry_key_exists(key:key) && file)\n {\n if(path = registry_get_sz(key:key, item:\"BinPath\"))\n {\n dllVer = fetch_file_version(sysPath:path, file_name:file);\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6660.4999\") ||\n version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6108.4999\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\n## SharePoint Foundation 2010\nif(\"cpe:/a:microsoft:sharepoint_foundation\" >< cpe)\n{\n key = \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\14.0\";\n if(registry_key_exists(key:key))\n {\n dllPath = registry_get_sz(key:key, item:\"Location\");\n if(dllPath)\n {\n dllVer = fetch_file_version(sysPath:dllPath, file_name:\"BIN\\Onetutil.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6120.5004\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\n## SharePoint Services 3.0 and 2.0\nif(\"cpe:/a:microsoft:sharepoint_services\" >< cpe)\n{\n key = \"SOFTWARE\\Microsoft\\Shared Tools\";\n if(registry_key_exists(key:key))\n {\n dllPath = registry_get_sz(key:key, item:\"SharedFilesDir\");\n if(dllPath)\n {\n dllVer = fetch_file_version(sysPath:dllPath, file_name:\"web server extensions\\12\\BIN\\Onetutil.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6661.4999\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n\n dllVer2 = fetch_file_version(sysPath:dllPath, file_name:\"web server extensions\\60\\BIN\\Onetutil.dll\");\n if(dllVer2 && dllVer2 =~ \"^11\\.0\")\n {\n if(version_is_less(version:dllVer2, test_version:\"11.0.8346.0\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-14T10:50:56", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Lync Remote Code Execution Vulnerabilities (2707956)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849"], "modified": "2017-06-29T00:00:00", "id": "OPENVAS:902842", "href": "http://plugins.openvas.org/nasl.php?oid=902842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms12-039.nasl 6473 2017-06-29 06:07:30Z cfischer $\n#\n# Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow an attacker to execute arbitrary code\n with kernel-level privileges. Failed exploit attempts may result in a\n denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Microsoft Lync 2010\n Microsoft Lync 2010 Attendee\n Microsoft Lync 2010 Attendant\n Microsoft Communicator 2007 R2\";\ntag_insight = \"- An error within the Win32k kernel-mode driver (win32k.sys) when parsing\n TrueType fonts.\n - An error in the t2embed.dll module when parsing TrueType fonts.\n - The client loads libraries in an insecure manner, which can be exploited\n to load arbitrary libraries by tricking a user into opening a '.ocsmeet'\n file located on a remote WebDAV or SMB share.\n - An unspecified error in the 'SafeHTML' API when sanitising HTML code can\n be exploited to execute arbitrary HTML and script code in the user's chat\n session.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms12-039\";\ntag_summary = \"This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.\";\n\nif(description)\n{\n script_id(902842);\n script_version(\"$Revision: 6473 $\");\n script_bugtraq_id(50462, 53335, 53831, 53833);\n script_cve_id(\"CVE-2011-3402\", \"CVE-2012-0159\", \"CVE-2012-1849\", \"CVE-2012-1858\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-29 08:07:30 +0200 (Thu, 29 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 11:11:11 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/48429\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1027150\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms12-039\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_lync_detect_win.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Lync/Installed\");\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\npath = \"\";\noglVer = \"\";\nattVer = \"\";\ncommVer = \"\";\n\n## Check for Microsoft Lync 2010/Communicator 2007 R2\nif(get_kb_item(\"MS/Lync/Ver\"))\n{\n ## Get Installed Path\n path = get_kb_item(\"MS/Lync/path\");\n if(path)\n {\n ## Get Version from communicator.exe\n commVer = fetch_file_version(sysPath:path, file_name:\"communicator.exe\");\n if(commVer)\n {\n if(version_in_range(version:commVer, test_version:\"3.5\", test_version2:\"3.5.6907.252\")||\n version_in_range(version:commVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n\n## For Microsoft Lync 2010 Attendee (admin level install) \n## For Microsoft Lync 2010 Attendee (user level install) \nif(get_kb_item(\"MS/Lync/Attendee/Ver\"))\n{\n ## Get Installed Path\n path = get_kb_item(\"MS/Lync/Attendee/path\");\n if(path)\n {\n ## Get Version from Ogl.dll\n oglVer = fetch_file_version(sysPath:path, file_name:\"Ogl.dll\");\n if(oglVer)\n {\n if(version_in_range(version:oglVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n\n## Check for Microsoft Lync 2010 Attendant\nif(get_kb_item(\"MS/Lync/Attendant/Ver\"))\n{\n ## Get Installed Path\n path = get_kb_item(\"MS/Lync/Attendant/path\");\n if(path)\n {\n ## Get Version from AttendantConsole.exe\n attVer = fetch_file_version(sysPath:path, file_name:\"AttendantConsole.exe\");\n if(attVer)\n {\n if(version_in_range(version:attVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-10T19:55:18", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Lync Remote Code Execution Vulnerabilities (2707956)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902842\");\n script_version(\"2020-06-09T10:15:40+0000\");\n script_bugtraq_id(50462, 53335, 53831, 53833);\n script_cve_id(\"CVE-2011-3402\", \"CVE-2012-0159\", \"CVE-2012-1849\", \"CVE-2012-1858\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 10:15:40 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 11:11:11 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1027150\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_lync_detect_win.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Lync/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an attacker to execute arbitrary code\n with kernel-level privileges. Failed exploit attempts may result in a\n denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Lync 2010\n\n - Microsoft Lync 2010 Attendee\n\n - Microsoft Lync 2010 Attendant\n\n - Microsoft Communicator 2007 R2\");\n\n script_tag(name:\"insight\", value:\"- An error within the Win32k kernel-mode driver (win32k.sys) when parsing\n TrueType fonts.\n\n - An error in the t2embed.dll module when parsing TrueType fonts.\n\n - The client loads libraries in an insecure manner, which can be exploited\n to load arbitrary libraries by tricking a user into opening a '.ocsmeet'\n file located on a remote WebDAV or SMB share.\n\n - An unspecified error in the 'SafeHTML' API when sanitising HTML code can\n be exploited to execute arbitrary HTML and script code in the user's chat\n session.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(get_kb_item(\"MS/Lync/Ver\"))\n{\n path = get_kb_item(\"MS/Lync/path\");\n if(path)\n {\n commVer = fetch_file_version(sysPath:path, file_name:\"communicator.exe\");\n if(commVer)\n {\n if(version_in_range(version:commVer, test_version:\"3.5\", test_version2:\"3.5.6907.252\")||\n version_in_range(version:commVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\n## For Microsoft Lync 2010 Attendee (admin level install)\n## For Microsoft Lync 2010 Attendee (user level install)\nif(get_kb_item(\"MS/Lync/Attendee/Ver\"))\n{\n path = get_kb_item(\"MS/Lync/Attendee/path\");\n if(path)\n {\n oglVer = fetch_file_version(sysPath:path, file_name:\"Ogl.dll\");\n if(oglVer)\n {\n if(version_in_range(version:oglVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\nif(get_kb_item(\"MS/Lync/Attendant/Ver\"))\n{\n path = get_kb_item(\"MS/Lync/Attendant/path\");\n if(path)\n {\n attVer = fetch_file_version(sysPath:path, file_name:\"AttendantConsole.exe\");\n if(attVer)\n {\n if(version_in_range(version:attVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-20T08:50:17", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Internet Explorer Multiple Vulnerabilities (2699988)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2017-07-05T00:00:00", "id": "OPENVAS:902682", "href": "http://plugins.openvas.org/nasl.php?oid=902682", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms12-037.nasl 6526 2017-07-05 05:43:52Z cfischer $\n#\n# Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow remote attackers to gain sensitive\n information or execute arbitrary code in the context of the application.\n Impact Level: System/Application\";\ntag_affected = \"Microsoft Internet Explorer version 6.x/7.x/8.x/9.x\";\ntag_insight = \"Multiple vulnerabilities are due to the way that Internet Explorer,\n - Handles content using specific strings when sanitizing HTML.\n - Handles EUC-JP character encoding.\n - Processes NULL bytes, which allows to disclose content from the process\n memory.\n - Accesses an object that has been deleted, which allows to corrupt memory\n using Internet Explorer Developer Toolbar.\n - Accesses an object that does not exist, when handling the 'Col' element.\n - Accesses an object that has been deleted, when handling Same ID Property,\n 'Title' element, 'OnBeforeDeactivate' event, 'insertRow' method and\n 'OnRowsInserted' event allows to corrupt memory.\n - Accesses an undefined memory location, when handling the\n 'insertAdjacentText' method allows to corrupt memory.\n - Handles 'Scrolling' event.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms12-037\";\ntag_summary = \"This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.\";\n\nif(description)\n{\n script_id(902682);\n script_version(\"$Revision: 6526 $\");\n script_cve_id(\"CVE-2012-1523\", \"CVE-2012-1858\", \"CVE-2012-1872\", \"CVE-2012-1873\",\n \"CVE-2012-1874\", \"CVE-2012-1875\", \"CVE-2012-1876\", \"CVE-2012-1877\",\n \"CVE-2012-1878\", \"CVE-2012-1879\", \"CVE-2012-1880\", \"CVE-2012-1881\",\n \"CVE-2012-1882\");\n script_bugtraq_id(53841, 53842, 53843, 53844, 53845, 53847, 53848, 53866,\n 53867, 53868, 53869, 53870, 53871);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-05 07:43:52 +0200 (Wed, 05 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 09:16:32 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_ie_detect.nasl\");\n script_mandatory_keys(\"MS/IE/Version\");\n script_require_ports(139, 445);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/49412/\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2699988\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1027147\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/49412\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms12-037\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\nsysPath = \"\";\nieVer = \"\";\ndllVer = NULL;\n\n## Check for OS and Service Pack\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win2008:3, win7:2) <= 0){\n exit(0);\n}\n\n## Get IE Version from KB\nieVer = get_kb_item(\"MS/IE/Version\");\nif(!ieVer || !(ieVer =~ \"^(6|7|8|9)\")){\n exit(0);\n}\n\n## Get System Path\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\n## Get Version from Mshtml.dll\ndllVer = fetch_file_version(sysPath, file_name:\"system32\\Mshtml.dll\");\nif(!dllVer){\n exit(0);\n}\n\n## Windows XP\nif(hotfix_check_sp(xp:4) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"6.0.2900.0000\", test_version2:\"6.0.2900.6211\")||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.20000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message(0);\n }\n exit(0);\n}\n\n## Windows 2003\nelse if(hotfix_check_sp(win2003:3) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"6.0.3790.0000\", test_version2:\"6.0.3790.4985\") ||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.21000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message(0);\n }\n exit(0);\n}\n\n## Windows Vista and Windows Server 2008\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"7.0.6002.18000\", test_version2:\"7.0.6002.18615\")||\n version_in_range(version:dllVer, test_version:\"7.0.6002.22000\", test_version2:\"7.0.6002.22837\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19271\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23358\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message(0);\n }\n exit(0);\n}\n\n## Windows 7\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"8.0.7600.16000\", test_version2:\"8.0.7600.17005\")||\n version_in_range(version:dllVer, test_version:\"8.0.7600.20000\", test_version2:\"8.0.7600.21197\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.16000\", test_version2:\"8.0.7601.17823\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.21000\", test_version2:\"8.0.7601.21975\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-10T19:59:47", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Internet Explorer Multiple Vulnerabilities (2699988)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902682", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902682", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902682\");\n script_version(\"2020-06-09T10:15:40+0000\");\n script_cve_id(\"CVE-2012-1523\", \"CVE-2012-1858\", \"CVE-2012-1872\", \"CVE-2012-1873\",\n \"CVE-2012-1874\", \"CVE-2012-1875\", \"CVE-2012-1876\", \"CVE-2012-1877\",\n \"CVE-2012-1878\", \"CVE-2012-1879\", \"CVE-2012-1880\", \"CVE-2012-1881\",\n \"CVE-2012-1882\");\n script_bugtraq_id(53841, 53842, 53843, 53844, 53845, 53847, 53848, 53866,\n 53867, 53868, 53869, 53870, 53871);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 10:15:40 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 09:16:32 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_ie_detect.nasl\");\n script_mandatory_keys(\"MS/IE/Version\");\n script_require_ports(139, 445);\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to gain sensitive\n information or execute arbitrary code in the context of the application.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Internet Explorer version 6.x/7.x/8.x/9.x.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities are due to the way that Internet Explorer,\n\n - Handles content using specific strings when sanitizing HTML.\n\n - Handles EUC-JP character encoding.\n\n - Processes NULL bytes, which allows to disclose content from the process\n memory.\n\n - Accesses an object that has been deleted, which allows to corrupt memory\n using Internet Explorer Developer Toolbar.\n\n - Accesses an object that does not exist, when handling the 'Col' element.\n\n - Accesses an object that has been deleted, when handling Same ID Property,\n 'Title' element, 'OnBeforeDeactivate' event, 'insertRow' method and\n 'OnRowsInserted' event allows to corrupt memory.\n\n - Accesses an undefined memory location, when handling the\n 'insertAdjacentText' method allows to corrupt memory.\n\n - Handles 'Scrolling' event.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2699988\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1027147\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/49412\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win2008:3, win7:2) <= 0){\n exit(0);\n}\n\nieVer = get_kb_item(\"MS/IE/Version\");\nif(!ieVer || ieVer !~ \"^[6-9]\\.\"){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Mshtml.dll\");\nif(!dllVer){\n exit(0);\n}\n\nif(hotfix_check_sp(xp:4) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"6.0.2900.0000\", test_version2:\"6.0.2900.6211\")||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.20000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nelse if(hotfix_check_sp(win2003:3) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"6.0.3790.0000\", test_version2:\"6.0.3790.4985\") ||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.21000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"7.0.6002.18000\", test_version2:\"7.0.6002.18615\")||\n version_in_range(version:dllVer, test_version:\"7.0.6002.22000\", test_version2:\"7.0.6002.22837\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19271\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23358\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"8.0.7600.16000\", test_version2:\"8.0.7600.17005\")||\n version_in_range(version:dllVer, test_version:\"8.0.7600.20000\", test_version2:\"8.0.7600.21197\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.16000\", test_version2:\"8.0.7601.17823\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.21000\", test_version2:\"8.0.7601.21975\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:47", "description": "Crossite scripting, URL redirection.", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "securityvulns", "title": "Microsoft Sharepoint multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1862", "CVE-2012-1858", "CVE-2012-1863", "CVE-2012-1861", "CVE-2012-1860", "CVE-2012-1859"], "modified": "2012-07-11T00:00:00", "id": "SECURITYVULNS:VULN:12466", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12466", "sourceData": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:02:41", "description": "Font parsing vulnerabilities, unsafe DLL loading, crossite scripting.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "securityvulns", "title": "Mictosoft Lync multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849"], "modified": "2012-06-13T00:00:00", "id": "SECURITYVULNS:VULN:12406", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12406", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:16:47", "description": "Multiple memory corruptions, code executions, information leakage.", "cvss3": {}, "published": "2012-06-25T00:00:00", "type": "securityvulns", "title": "Microsoft Internet Explorer multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2012-06-25T00:00:00", "id": "SECURITYVULNS:VULN:12404", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12404", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "checkpoint_advisories": [{"lastseen": "2022-11-28T07:11:25", "description": "An information disclosure and elevation of privilege vulnerability has been reported in Microsoft SharePoint.", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint XSS scriptresx.ashx Elevation of Privilege (MS12-050; CVE-2012-1859)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1859"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-306", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:11:07", "description": "An elevation of privilege and cross-site scripting vulnerability has been reported in Microsoft SharePoint.", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint Script in Username Cross-site Scripting (MS12-050; CVE-2012-1861)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1861"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-310", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:12:12", "description": "An information disclosure and elevation of privilege vulnerability has been reported in Microsoft SharePoint.", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint Reflected List Parameter XSS (MS12-050; CVE-2012-1863)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1863"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-302", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:01:52", "description": "A cross-site scripting vulnerability has been discovered in Microsoft SharePoint. The vulnerability is due to insufficient sanitization of the List parameter. A remote attacker could trigger this flaw by enticing a user to follow a URL containing script code in the List parameter.", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft SharePoint Reflected List Parameter Cross-site Scripting (SA49875; CVE-2012-1863)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1863"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2013-1601", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:11:40", "description": "A cross-site scripting vulnerability has been reported in Microsoft SharePoint.", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "checkpoint_advisories", "title": "Preemptive Protection against Microsoft SharePoint HTML Sanitization Cross-site Scripting (MS12-050; CVE-2012-1858)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-309", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-12-17T19:56:15", "description": "An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way that the toStaticHTML API within Internet Explorer handles content using specific strings when sanitizing HTML. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted web page. Successful exploitation could allow an attacker to perform cross-site scripting attacks against affected users, resulting in script execution in the target's security context.", "cvss3": {}, "published": "2015-05-18T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Internet Explorer HTML Sanitization Information Disclosure (MS12-037) - Ver2 (CVE-2012-1858)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1858"], "modified": "2015-05-18T00:00:00", "id": "CPAI-2015-0698", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-11-28T07:09:08", "description": "An information disclosure vulnerability has been reported in Microsoft Internet Explorer.", "cvss3": {}, "published": "2012-06-12T00:00:00", "type": "checkpoint_advisories", "title": "Internet Explorer HTML Sanitization Information Disclosure (MS12-039; CVE-2012-1858)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-255", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "seebug": [{"lastseen": "2017-11-19T17:53:32", "description": "Bugtraq ID:54312\r\nCVE ID:CVE-2012-1859\r\n\r\nMicrosoft SharePoint Server\u662f\u4e00\u6b3e\u670d\u52a1\u5668\u529f\u80fd\u96c6\u6210\u5957\u4ef6\uff0c\u63d0\u4f9b\u5168\u9762\u7684\u5185\u5bb9\u7ba1\u7406\u548c\u4f01\u4e1a\u641c\u7d22\u3001\u52a0\u901f\u5171\u4eab\u4e1a\u52a1\u6d41\u7a0b\u5e76\u4fbf\u5229\u8de8\u754c\u9650\u4fe1\u606f\u5171\u4eab\u3002\r\nMicrosoft SharePoint Server scriptresx.ashx\u811a\u672c\u5b58\u5728\u4e00\u4e2a\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u5728URL\u4e2d\u6784\u5efa\u7279\u5236JavaScript\u5143\u7d20\uff0c\u6ce8\u5165\u4efb\u610fWEB\u811a\u672c\u6216HTML\uff0c\u53ef\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u6216\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002\n0\nMicrosoft SharePoint Server 2010 Standard Edition\r\nMicrosoft SharePoint Server 2010 SP1\r\nMicrosoft SharePoint Foundation 2010 SP1\r\nMicrosoft SharePoint Foundation 2010\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://technet.microsoft.com/security/bulletin/MS12-050", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "seebug", "title": "Microsoft SharePoint 'scriptresx.ashx'\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1859"], "modified": "2012-07-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60278", "id": "SSV:60278", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T17:53:20", "description": "Bugtraq ID:54316\r\nCVE ID:CVE-2012-1863\r\n\r\nMicrosoft SharePoint Server\u662f\u4e00\u6b3e\u670d\u52a1\u5668\u529f\u80fd\u96c6\u6210\u5957\u4ef6\uff0c\u63d0\u4f9b\u5168\u9762\u7684\u5185\u5bb9\u7ba1\u7406\u548c\u4f01\u4e1a\u641c\u7d22\u3001\u52a0\u901f\u5171\u4eab\u4e1a\u52a1\u6d41\u7a0b\u5e76\u4fbf\u5229\u8de8\u754c\u9650\u4fe1\u606f\u5171\u4eab\u3002\r\nMicrosoft SharePoint Server\u5b58\u5728\u4e00\u4e2a\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7URL\u4e2d\u7279\u5236\u7684JavaScript\u5143\u7d20\uff0c\u6ce8\u5165\u4efb\u610fWEB\u811a\u672c\u6216HTML\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u6216\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002\r\n0\r\nMicrosoft SharePoint Foundation 2010 SP1\r\nMicrosoft SharePoint Foundation 2010\r\nMicrosoft InfoPath 2010\r\nMicrosoft InfoPath 2007 SP2\r\nMicrosoft InfoPath 2007\r\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://technet.microsoft.com/security/bulletin/MS12-050", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "seebug", "title": "Microsoft SharePoint \u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e(CVE-2012-1863)", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1863"], "modified": "2012-07-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60277", "id": "SSV:60277", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T17:50:55", "description": "Bugtraq ID:54315\r\nCVE ID:CVE-2012-1862\r\n\r\nMicrosoft SharePoint Server\u662f\u4e00\u6b3e\u670d\u52a1\u5668\u529f\u80fd\u96c6\u6210\u5957\u4ef6\uff0c\u63d0\u4f9b\u5168\u9762\u7684\u5185\u5bb9\u7ba1\u7406\u548c\u4f01\u4e1a\u641c\u7d22\u3001\u52a0\u901f\u5171\u4eab\u4e1a\u52a1\u6d41\u7a0b\u5e76\u4fbf\u5229\u8de8\u754c\u9650\u4fe1\u606f\u5171\u4eab\u3002\r\nMicrosoft SharePoint Server\u5b58\u5728\u4e00\u4e2a\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236URL\uff0c\u91cd\u5b9a\u5411\u7528\u6237\u5230\u4efb\u610fWEB\u7ad9\u70b9\uff0c\u8fdb\u884c\u7f51\u7edc\u9493\u9c7c\u7b49\u653b\u51fb\u3002\r\n0\r\nMicrosoft InfoPath 2010\r\nMicrosoft InfoPath 2007 SP2\r\nMicrosoft InfoPath 2007\r\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://technet.microsoft.com/security/bulletin/MS12-050", "published": "2012-07-11T00:00:00", "type": "seebug", "title": "Microsoft SharePoint CVE-2012-1862 URI\u91cd\u5b9a\u5411\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-1862"], "modified": "2012-07-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60273", "id": "SSV:60273", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T16:51:07", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "title": "IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-73689", "id": "SSV:73689", "sourceData": "\n toStaticHTML: The Second Encounter (CVE-2012-1858)\r\n\r\n*HTML Sanitizing Bypass -\r\n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858>\r\n\r\nOriginal advisory -\r\nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\r\n\r\nIntroduction\r\n\r\nThe *toStaticHTML* component, which is found in Internet Explorer > 8,\r\nSharePoint and Lync is used to sanitize HTML fragments from dynamic and\r\npotentially malicious content.\r\n\r\nIf an attacker is able to break the filtering mechanism and pass malicious\r\ncode through this function, he/she may be able to perform HTML injection\r\nbased attacks (i.e. XSS).\r\n\r\nIt has been a year since the first\r\nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html>\r\nwas\r\npublished, we've now returned with a new bypass method.\r\n\r\nVulnerability\r\n\r\nAn attacker is able to create a specially formed CSS that will overcome *\r\ntoStaticHTML*'s security logic; therefore, after passing the specially\r\ncrafted CSS string through the *toStaticHTML* function, it will contain an\r\nexpression that triggers a JavaScript call.\r\n\r\nThe following JavaScript code demonstrates the vulnerability:\r\n\r\n*<script>document.write(toStaticHTML("<style>\r\ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{}\r\n</style><div>POC</div>"))</script>*\r\n\r\nIn this case the function's return value would be JavaScript executable:\r\n\r\n*<style>\r\ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style>\r\n<div>POC</div>*\r\n\r\n\r\n\r\nThe reason this code bypasses the filter engine is due to two reasons:\r\n\r\n 1. The filtering engine allows the string "expression(" to exists in\r\n "non-dangerous" locations within the CSS.\r\n 2. A bug in Internet Explorer's CSS parsing engine doesn't properly\r\n terminate strings that are opened inside brackets and closed outside of\r\n them.\r\n\r\nWhen combining these two factors the attacker is able to "confuse" the\r\nfiltering mechanism into "thinking" that a string is open when in fact it\r\nis terminated and vice versa. With this ability the attacker can trick the\r\nfiltering mechanism into entering a state of the selector context which is\r\nconsidered safer where in fact the code is just a new declaration of the\r\nsame selector, thus breaking the state machine and bypassing the filter.\r\n\r\n\r\n\r\nImpact\r\n\r\nEvery application that relies on the *toStaticHTML* component to sanitize\r\nuser supplied data had probably been vulnerable to XSS.\r\n\r\n\r\n\r\nRemediation\r\n\r\nMicrosoft has issued several updates to address this vulnerability.\r\n\r\nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037\r\n\r\nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039\r\n\r\nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-73689", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T17:51:37", "description": "CVE ID: CVE-2012-1858\r\n\r\nMicrosoft Lync \u65b0\u4e00\u4ee3\u4f01\u4e1a\u6574\u5408\u6c9f\u901a\u5e73\u53f0\uff08\u524d\u8eab\u4e3a Communications Server\uff09\uff0c\u63d0\u4f9b\u4e86\u4e00\u79cd\u5168\u65b0\u7684\u3001\u76f4\u89c2\u7684\u7528\u6237\u4f53\u9a8c\uff0c\u8de8\u8d8a PC\u3001Web\u3001\u624b\u673a\u7b49\u5176\u4ed6\u79fb\u52a8\u8bbe\u5907\uff0c\u5c06\u4e0d\u540c\u7684\u6c9f\u901a\u65b9\u5f0f\u96c6\u6210\u5230\u4e00\u4e2a\u5e73\u53f0\u4e4b\u4e2d\u3002\r\n\r\nMicrosoft Lync HTML\u8fc7\u6ee4\u65f6\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u53ef\u5141\u8bb8\u653b\u51fb\u8005\u6267\u884cXSS\u653b\u51fb\u548c\u8fd0\u884c\u811a\u672c\u3002\r\n0\r\nMicrosoft Lync 2010\r\nMicrosoft Office Communicator 2007\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5982\u679c\u60a8\u4e0d\u80fd\u7acb\u523b\u5b89\u88c5\u8865\u4e01\u6216\u8005\u5347\u7ea7\uff0c\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n* \u7981\u6b62\u4eceWebDAV\u548c\u8fdc\u7a0b\u7f51\u7edc\u5171\u4eab\u52a0\u8f7d\u5e93\u3002\r\n\r\n* \u5728\u9632\u706b\u5899\u963b\u6b62TCP\u7aef\u53e3139\u548c445\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS12-039\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nMS12-039\uff1aVulnerabilities in Lync Could Allow Remote Code Execution (2707956)\r\n\r\n\u94fe\u63a5\uff1ahttp://www.microsoft.com/technet/security/bulletin/MS12-039 .asp", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "seebug", "title": "Microsoft Lync/Office Communicator HTML\u4ee3\u7801\u8fc7\u6ee4\u6f0f\u6d1e (CVE-2012-1858) (MS12-039)", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2012-06-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60209", "id": "SSV:60209", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "cve": [{"lastseen": "2023-02-09T14:03:37", "description": "Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka \"XSS scriptresx.ashx Vulnerability.\"", "cvss3": {}, "published": "2012-07-10T21:55:00", "type": "cve", "title": "CVE-2012-1859", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1859"], "modified": "2018-10-12T22:02:00", "cpe": ["cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_foundation:2010"], "id": "CVE-2012-1859", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1859", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_foundation:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:03:37", "description": "Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka \"SharePoint Script in Username Vulnerability.\"", "cvss3": {}, "published": "2012-07-10T21:55:00", "type": "cve", "title": "CVE-2012-1861", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1861"], "modified": "2018-10-12T22:02:00", "cpe": ["cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:sharepoint_foundation:2010"], "id": "CVE-2012-1861", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1861", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_foundation:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:03:38", "description": "Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka \"SharePoint Reflected List Parameter Vulnerability.\"", "cvss3": {}, "published": "2012-07-10T21:55:00", "type": "cve", "title": "CVE-2012-1863", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1863"], "modified": "2018-10-12T22:02:00", "cpe": ["cpe:/a:microsoft:sharepoint_services:3.0", "cpe:/a:microsoft:sharepoint_server:2007", "cpe:/a:microsoft:office_sharepoint_server:2007", "cpe:/a:microsoft:sharepoint_foundation:2010"], "id": "CVE-2012-1863", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1863", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x32:*:*:*:*:*", "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x32:*:*:*:*:*", "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp3:x32:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp2:x64:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_sharepoint_server:2007:sp3:x64:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x64:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:03:37", "description": "Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka \"SharePoint URL Redirection Vulnerability.\"", "cvss3": {}, "published": "2012-07-10T21:55:00", "type": "cve", "title": "CVE-2012-1862", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1862"], "modified": "2018-10-12T22:02:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2007"], "id": "CVE-2012-1862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1862", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:03:36", "description": "The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka \"HTML Sanitization Vulnerability.\"", "cvss3": {}, "published": "2012-06-12T22:55:00", "type": "cve", "title": "CVE-2012-1858", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1858"], "modified": "2021-07-23T15:12:00", "cpe": ["cpe:/a:microsoft:internet_explorer:9", "cpe:/a:microsoft:office_communicator:2007", "cpe:/a:microsoft:internet_explorer:8", "cpe:/a:microsoft:lync:2010"], "id": "CVE-2012-1858", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1858", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:lync:2010:*:x86:*:*:*:*:*", "cpe:2.3:a:microsoft:office_communicator:2007:r2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:lync:2010:*:x64:*:*:*:*:*", "cpe:2.3:a:microsoft:lync:2010:*:attendee:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:03:36", "description": "Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of service (data modification) by changing a parameter in a search-scope URL, aka \"SharePoint Search Scope Vulnerability.\"", "cvss3": {}, "published": "2012-07-10T21:55:00", "type": "cve", "title": "CVE-2012-1860", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1860"], "modified": "2018-10-12T22:02:00", "cpe": ["cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:sharepoint_server:2007", "cpe:/a:microsoft:sharepoint_server:2010"], "id": "CVE-2012-1860", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1860", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*"]}], "symantec": [{"lastseen": "2021-06-08T19:04:08", "description": "### Description\n\nMicrosoft SharePoint is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.\n\n### Technologies Affected\n\n * Microsoft InfoPath 2007 SP2 \n * Microsoft InfoPath 2007 SP3 \n * Microsoft InfoPath 2010 \n * Microsoft InfoPath 2010 SP1 (32-bit editions) \n * Microsoft InfoPath 2010 SP1 (64-bit editions) \n * Microsoft SharePoint Foundation 2010 \n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 Standard Edition \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit. \n\n**Run all software as a nonprivileged user with minimal access rights.** \nAttackers may successfully exploit client flaws in the browser through cross-site scripting vulnerabilities. When possible, run client software as regular user accounts with limited access to system resources. This may limit the immediate consequences of client-side vulnerabilities. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review logs regularly.\n\n**Set web browser security to disable the execution of script code or active content.** \nSince exploiting cross-site scripting issues often requires malicious script code to run in browsers, consider disabling script code and active content support within a client browser as a way to prevent a successful exploit. Note that this mitigation tactic might adversely affect legitimate sites that rely on the execution of browser-based script code. \n\nVendor updates are available. Please see the references for more information.\n", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2012-1861 HTML Injection Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1861"], "modified": "2012-07-10T00:00:00", "id": "SMNTC-54313", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/54313", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T19:04:09", "description": "### Description\n\nMicrosoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to perform unauthorized actions such as reading, modifying, or deleting content on behalf of the victim on the SharePoint site.\n\n### Technologies Affected\n\n * Microsoft InfoPath 2007 \n * Microsoft InfoPath 2007 SP2 \n * Microsoft InfoPath 2007 SP3 \n * Microsoft InfoPath 2010 (32-bit editions) \n * Microsoft InfoPath 2010 (64-bit editions) \n * Microsoft InfoPath 2010 \n * Microsoft InfoPath 2010 SP1 (32-bit editions) \n * Microsoft InfoPath 2010 SP1 (64-bit editions) \n * Microsoft Office SharePoint Server 2007 SP2 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP2 \n * Microsoft Office SharePoint Server 2007 SP3 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP3 \n * Microsoft SharePoint Foundation 2010 \n * Microsoft SharePoint Foundation 2010 SP1 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nAttackers may successfully exploit client flaws in the browser through cross-site scripting vulnerabilities. When possible, run client software as regular user accounts with limited access to system resources. This may limit the immediate consequences of client-side vulnerabilities. \n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to websites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users. \n\n**Set web browser security to disable the execution of script code or active content.** \nSince exploiting cross-site scripting issues often requires malicious script code to run in browsers, consider disabling script code and active content support within a client browser as a way to prevent a successful exploit. Note that this mitigation tactic might adversely affect legitimate sites that rely on the execution of browser-based script code. \n\nVendor updates are available. Please see the references for more information.\n", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2012-1863 Cross Site Scripting Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1863"], "modified": "2012-07-10T00:00:00", "id": "SMNTC-54316", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/54316", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T19:04:08", "description": "### Description\n\nMicrosoft SharePoint is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.\n\n### Technologies Affected\n\n * Microsoft InfoPath 2007 \n * Microsoft InfoPath 2007 SP2 \n * Microsoft InfoPath 2007 SP3 \n * Microsoft InfoPath 2010 (32-bit editions) \n * Microsoft InfoPath 2010 (64-bit editions) \n * Microsoft InfoPath 2010 \n * Microsoft InfoPath 2010 SP1 (32-bit editions) \n * Microsoft InfoPath 2010 SP1 (64-bit editions) \n * Microsoft Office SharePoint Server 2007 SP2 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP2 \n * Microsoft Office SharePoint Server 2007 SP3 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP3 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.\n\n**Do not follow links provided by unknown or untrusted sources.** \nTo reduce the likelihood of successful exploits, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.\n\nVendor updates are available. Please see the references for more information.\n", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "symantec", "title": "Microsoft SharePoint CVE-2012-1862 URI Redirection Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1862"], "modified": "2012-07-10T00:00:00", "id": "SMNTC-54315", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/54315", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:04:08", "description": "### Description\n\nMicrosoft Internet Explorer and Microsoft Lync are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft Groove Server 2010 \n * Microsoft Groove Server 2010 SP1 \n * Microsoft InfoPath 2007 SP2 \n * Microsoft InfoPath 2007 SP3 \n * Microsoft InfoPath 2010 (32-bit editions) \n * Microsoft InfoPath 2010 (64-bit editions) \n * Microsoft InfoPath 2010 SP1 (32-bit editions) \n * Microsoft Internet Explorer 8 \n * Microsoft Internet Explorer 9 \n * Microsoft Lync 2010 \n * Microsoft Lync 2010 Attendant (32-bit) \n * Microsoft Lync 2010 Attendant (64-bit) \n * Microsoft Lync 2010 Attendee \n * Microsoft Office Communicator 2007 R2 \n * Microsoft Office SharePoint Server 2007 SP2 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP2 \n * Microsoft Office SharePoint Server 2007 SP3 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP3 \n * Microsoft Office Web Apps 2010 \n * Microsoft Office Web Apps 2010 SP1 \n * Microsoft SharePoint Foundation 2010 \n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Server 2010 Enterprise Edition \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 Standard Edition \n * Microsoft Windows SharePoint Services 3.0 SP2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nWhen possible, run all software as a user with minimal privileges and limited access to system resources. Use additional precautions such as restrictive environments to insulate software that may potentially handle malicious content.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nVendor updates are available. Please see the references for details.\n", "cvss3": {}, "published": "2012-06-12T00:00:00", "type": "symantec", "title": "Microsoft Internet Explorer And Microsoft Lync HTML Sanitizing Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2012-06-12T00:00:00", "id": "SMNTC-53842", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/53842", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:23:57", "description": "", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "packetstorm", "title": "toStaticHTML HTML Sanitizing Bypass", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2012-07-11T00:00:00", "id": "PACKETSTORM:114615", "href": "https://packetstormsecurity.com/files/114615/toStaticHTML-HTML-Sanitizing-Bypass.html", "sourceData": "`toStaticHTML: The Second Encounter (CVE-2012-1858) \n \n*HTML Sanitizing Bypass - \n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858> \n \nOriginal advisory - \nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html \n \nIntroduction \n \nThe *toStaticHTML* component, which is found in Internet Explorer > 8, \nSharePoint and Lync is used to sanitize HTML fragments from dynamic and \npotentially malicious content. \n \nIf an attacker is able to break the filtering mechanism and pass malicious \ncode through this function, he/she may be able to perform HTML injection \nbased attacks (i.e. XSS). \n \nIt has been a year since the first \nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html> \nwas \npublished, we've now returned with a new bypass method. \n \nVulnerability \n \nAn attacker is able to create a specially formed CSS that will overcome * \ntoStaticHTML*'s security logic; therefore, after passing the specially \ncrafted CSS string through the *toStaticHTML* function, it will contain an \nexpression that triggers a JavaScript call. \n \nThe following JavaScript code demonstrates the vulnerability: \n \n*<script>document.write(toStaticHTML(\"<style> \ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{} \n</style><div>POC</div>\"))</script>* \n \nIn this case the function's return value would be JavaScript executable: \n \n*<style> \ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style> \n<div>POC</div>* \n \n \n \nThe reason this code bypasses the filter engine is due to two reasons: \n \n1. The filtering engine allows the string \"expression(\" to exists in \n\"non-dangerous\" locations within the CSS. \n2. A bug in Internet Explorer's CSS parsing engine doesn't properly \nterminate strings that are opened inside brackets and closed outside of \nthem. \n \nWhen combining these two factors the attacker is able to \"confuse\" the \nfiltering mechanism into \"thinking\" that a string is open when in fact it \nis terminated and vice versa. With this ability the attacker can trick the \nfiltering mechanism into entering a state of the selector context which is \nconsidered safer where in fact the code is just a new declaration of the \nsame selector, thus breaking the state machine and bypassing the filter. \n \n \n \nImpact \n \nEvery application that relies on the *toStaticHTML* component to sanitize \nuser supplied data had probably been vulnerable to XSS. \n \n \n \nRemediation \n \nMicrosoft has issued several updates to address this vulnerability. \n \nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037 \n \nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039 \n \nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050 \n`\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/114615/tostatichtml-xss.txt"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:32", "description": "\nMicrosoft Internet Explorer 9 SharePoint Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037MS12-039MS12-050)", "cvss3": {}, "published": "2012-07-12T00:00:00", "type": "exploitpack", "title": "Microsoft Internet Explorer 9 SharePoint Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037MS12-039MS12-050)", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1858"], "modified": "2012-07-12T00:00:00", "id": "EXPLOITPACK:A4C844F13ADB3E9DD54232C27BB897A6", "href": "", "sourceData": "toStaticHTML: The Second Encounter (CVE-2012-1858)\n\n*HTML Sanitizing Bypass -\n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858>\n\nOriginal advisory -\nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n\nIntroduction\n\nThe *toStaticHTML* component, which is found in Internet Explorer > 8,\nSharePoint and Lync is used to sanitize HTML fragments from dynamic and\npotentially malicious content.\n\nIf an attacker is able to break the filtering mechanism and pass malicious\ncode through this function, he/she may be able to perform HTML injection\nbased attacks (i.e. XSS).\n\nIt has been a year since the first\nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html>\nwas\npublished, we've now returned with a new bypass method.\n\nVulnerability\n\nAn attacker is able to create a specially formed CSS that will overcome *\ntoStaticHTML*'s security logic; therefore, after passing the specially\ncrafted CSS string through the *toStaticHTML* function, it will contain an\nexpression that triggers a JavaScript call.\n\nThe following JavaScript code demonstrates the vulnerability:\n\n*<script>document.write(toStaticHTML(\"<style>\ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{}\n</style><div>POC</div>\"))</script>*\n\nIn this case the function's return value would be JavaScript executable:\n\n*<style>\ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style>\n<div>POC</div>*\n\n\n\nThe reason this code bypasses the filter engine is due to two reasons:\n\n 1. The filtering engine allows the string \"expression(\" to exists in\n \"non-dangerous\" locations within the CSS.\n 2. A bug in Internet Explorer's CSS parsing engine doesn't properly\n terminate strings that are opened inside brackets and closed outside of\n them.\n\nWhen combining these two factors the attacker is able to \"confuse\" the\nfiltering mechanism into \"thinking\" that a string is open when in fact it\nis terminated and vice versa. With this ability the attacker can trick the\nfiltering mechanism into entering a state of the selector context which is\nconsidered safer where in fact the code is just a new declaration of the\nsame selector, thus breaking the state machine and bypassing the filter.\n\n\n\nImpact\n\nEvery application that relies on the *toStaticHTML* component to sanitize\nuser supplied data had probably been vulnerable to XSS.\n\n\n\nRemediation\n\nMicrosoft has issued several updates to address this vulnerability.\n\nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037\n\nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039\n\nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "exploitdb": [{"lastseen": "2022-08-16T09:04:06", "description": "", "cvss3": {}, "published": "2012-07-12T00:00:00", "type": "exploitdb", "title": "Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["2012-1858", "CVE-2012-1858"], "modified": "2012-07-12T00:00:00", "id": "EDB-ID:19777", "href": "https://www.exploit-db.com/exploits/19777", "sourceData": "toStaticHTML: The Second Encounter (CVE-2012-1858)\r\n\r\n*HTML Sanitizing Bypass -\r\n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858>\r\n\r\nOriginal advisory -\r\nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\r\n\r\nIntroduction\r\n\r\nThe *toStaticHTML* component, which is found in Internet Explorer > 8,\r\nSharePoint and Lync is used to sanitize HTML fragments from dynamic and\r\npotentially malicious content.\r\n\r\nIf an attacker is able to break the filtering mechanism and pass malicious\r\ncode through this function, he/she may be able to perform HTML injection\r\nbased attacks (i.e. XSS).\r\n\r\nIt has been a year since the first\r\nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html>\r\nwas\r\npublished, we've now returned with a new bypass method.\r\n\r\nVulnerability\r\n\r\nAn attacker is able to create a specially formed CSS that will overcome *\r\ntoStaticHTML*'s security logic; therefore, after passing the specially\r\ncrafted CSS string through the *toStaticHTML* function, it will contain an\r\nexpression that triggers a JavaScript call.\r\n\r\nThe following JavaScript code demonstrates the vulnerability:\r\n\r\n*<script>document.write(toStaticHTML(\"<style>\r\ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{}\r\n</style><div>POC</div>\"))</script>*\r\n\r\nIn this case the function's return value would be JavaScript executable:\r\n\r\n*<style>\r\ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style>\r\n<div>POC</div>*\r\n\r\n\r\n\r\nThe reason this code bypasses the filter engine is due to two reasons:\r\n\r\n 1. The filtering engine allows the string \"expression(\" to exists in\r\n \"non-dangerous\" locations within the CSS.\r\n 2. A bug in Internet Explorer's CSS parsing engine doesn't properly\r\n terminate strings that are opened inside brackets and closed outside of\r\n them.\r\n\r\nWhen combining these two factors the attacker is able to \"confuse\" the\r\nfiltering mechanism into \"thinking\" that a string is open when in fact it\r\nis terminated and vice versa. With this ability the attacker can trick the\r\nfiltering mechanism into entering a state of the selector context which is\r\nconsidered safer where in fact the code is just a new declaration of the\r\nsame selector, thus breaking the state machine and bypassing the filter.\r\n\r\n\r\n\r\nImpact\r\n\r\nEvery application that relies on the *toStaticHTML* component to sanitize\r\nuser supplied data had probably been vulnerable to XSS.\r\n\r\n\r\n\r\nRemediation\r\n\r\nMicrosoft has issued several updates to address this vulnerability.\r\n\r\nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037\r\n\r\nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039\r\n\r\nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050", "sourceHref": "https://www.exploit-db.com/download/19777", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "threatpost": [{"lastseen": "2018-10-06T23:03:10", "description": "A serious remote-code execution vulnerability in PHP was accidentally disclosed Wednesday, leading to fears of an outbreak of attacks on sites that were built using vulnerable versions of PHP. The bug has been known privately since January when a team of researchers used it in a capture the flag contest and then subsequently reported it to the PHP Group. The developers were still in the process of building the patch for the flaw when it was disclosed Wednesday.\n\nThe vulnerability is a simple one but it has serious consequences. Essentially, the researchers found that when they passed a specific query string that contained the -s command to PHP in a CGI setup, PHP would interpret the -s as the command line argument and result in the disclosure of the source code for the application. They extended their testing and found they could pass whatever command-line arguments they wanted ot the PHP binary.\n\n\u201cWhen PHP is used in a CGI-based setup (such as Apache\u2019s`mod_cgid`), the `php-cgi` receives a processed query string parameter as command line arguments which allows command-line switches, such as `-s, -d or -c` to be passed to the `php-cgi` binary, which can be exploited to disclose source code and obtain arbitrary code execution,\u201d the [US-CERT](<http://www.kb.cert.org/vuls/id/520827>) said in an advisory published Wednesday. \u201cA remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server.\u201d\n\nThe team that found the bug, known as Eindbazen, said that they had been waiting for several months for the PHP Group to release a patch for the vulnerability in order to publish information about the bug. However, someone accidentally marked an internal PHP bug as public and it eventually was posted to Reddit. So Eindbazen then published the details of their findings and how it can be exploited. \n\n\u201cWe\u2019ve tested this and have confirmed that the query parameters are passed to the php5-cgi binary in this configuration. Since the wrapper script merely passes all the arguments on to the actual php-cgi binary, the same problem exists with configurations where php-cgi is directly copied into the cgi-bin directory. It\u2019s interesting to note that while slashes get added to any shell metacharacters we pass in the query string, spaces and dashes (\u2018-\u2019) are not escaped. So we can pass as many options to PHP as we want!\u201d they wrote in their analysis of the [PHP CVE-2012-1823 vulnerability](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>). \n\n\u201cThere is one slight complication: php5-cgi behaves differently depending on which environment variables have been set, disabling the flag -r for direct code execution among others. However, this can be trivially bypassed. We\u2019re removing the remote code execution PoC out of an abundance of caution, but at this point anyone should be able to figure this out. And for the record: safe_mode, allow_url_include and other security-related ini settings will not save you.\u201d\n\nPHP is one of the more popular scripting languages used in Web development. Since the time that the Eindbazen team reported the bug to the PHP Group, there have been several new versions of the language released, with various other security fixes, but without a patch for the CVE-2012-1863 bug. Right now, there is no patch available for the flaw discovered by the Eindbazen team, however they list a couple of technical workarounds in their post and have produced a file that includes both of them that users can [download](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>). \n", "cvss3": {}, "published": "2012-05-03T14:09:27", "type": "threatpost", "title": "Serious Remote PHP Bug Accidentally Disclosed", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1823", "CVE-2012-1863"], "modified": "2013-04-17T16:32:19", "id": "THREATPOST:219EFB4DE8A56286E444E303B599B79C", "href": "https://threatpost.com/serious-remote-php-bug-accidentally-disclosed-050312/76517/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T23:03:08", "description": "**UPDATE**\u2013The developers of PHP have released new versions of the scripting language to fix a [remotely exploitable vulnerability](<https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/>) announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP Group was working on a patch for it when the bug was disclosed accidentally on Reddit. However, the team that found the bug says the new versions of PHP don\u2019t actually fix the vulnerability. \n\nThe new versions of PHP are available now and the developers recommend that users upgrade as soon as possible. PHP versions 5.3.12 and 5.4.2 both contain the fix for the vulnerability. \n\n\u201cWe\u2019ve tested this and have confirmed that the query parameters are passed to the php5-cgi binary in this configuration. Since the wrapper script merely passes all the arguments on to the actual php-cgi binary, the same problem exists with configurations where php-cgi is directly copied into the cgi-bin directory. It\u2019s interesting to note that while slashes get added to any shell metacharacters we pass in the query string, spaces and dashes (\u2018-\u2019) are not escaped. So we can pass as many options to PHP as we want!\u201d the team that discovered the flaw, known as [Eindbazen](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>), wrote in their analysis of the bug. \n\nEindbazen said in an updated post that the PHP patch isn\u2019t sufficient to fix the bug.\n\n\u201cThe new PHP release is buggy. You can use their mitigation mod_rewrite rule, but the patch and new released versions do not fix the problem. At the bottom we have added a version of the PHP patch that fixes the obvious problem with the patch merged in the recently released security update,\u201d the team said. \n\nThe PHP Group is working on a new fix for the vulnerability now.\n\n\u201cWe have received word that new PHP updates with the revised fix will be released soon. The issue that this problem was not properly fixed by the original security update is being tracked as CVE-2012-2311,\u201d Eindbazen said.\n\nThe PHP Group also had some other problems this week, specifically a problem in its internal bug-handling system that resulted in the private discussion on the CVE-2012-1823 vulnerability being marked as public. That led to the bug being posted to Reddit. The Eindbazen team then posted the details of the bug, which they had discovered in January during a capture the flag contest.\n\n\u201cThere is a vulnerability in certain CGI-based setups **(Apache+mod_php and nginx+php-fpm are not affected)** that has gone unnoticed for at least 8 years. [Section 7 of the CGI spec](<http://tools.ietf.org/html/draft-robinson-www-interface-00#section-7>) states:\n\nSome systems support a method for supplying a [sic] array of strings to the CGI script. This is only used in the case of an `indexed\u2019 query. This is identified by a \u201cGET\u201d or \u201cHEAD\u201d HTTP request with a URL search string not containing any unencoded \u201c=\u201d characters.\n\nSo, requests that do not have a \u201c=\u201d in the query string are treated differently from those who do in some CGI implementations. For PHP this means that a request containing ?-s may dump the PHP source code for the page, but a request that has ?-s&=1 is fine.\n\nA large number of sites run PHP as either an Apache module through mod_php or using php-fpm under nginx. Neither of these setups are vulnerable to this. Straight shebang-style CGI also does not appear to be vulnerable,\u201d the [PHP Group](<http://www.php.net/archive/2012.php#id2012-05-03-1>) said in its release notes for the new versions. \u201cIf you are using Apache mod_cgi to run PHP you may be vulnerable. To see if you are, just add ?-s to the end of any of your URLs. If you see your source code, you are vulnerable. If your site renders normally, you are not.\n\nThe PHP developers said that while the new versions of the language should work for most users, it may not be feasible for some users to update much older versions of PHP. In that case, users can deploy a workaround.\n\n\u201cAn alternative is to configure your web server to not let these types of requests with query strings starting with a \u201c-\u201d and not containing a \u201c=\u201d through. Adding a rule like this should not break any sites,\u201d they said.\n", "cvss3": {}, "published": "2012-05-04T14:26:46", "type": "threatpost", "title": "PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1823", "CVE-2012-1863", "CVE-2012-2311"], "modified": "2013-04-17T16:32:18", "id": "THREATPOST:9FD19F2ACF1E3C44BAE775A250F1E132", "href": "https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/76524/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-06T23:03:06", "description": "For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. \n\nThe [vulnerability affects PHP](<https://threatpost.com/another-set-php-releases-pushed-out-fix-cve-2012-1823-flaw-050912/>) sites in CGI-based setups and can enable an attacker to get access to the site\u2019s source code by passing certain queries to the PHP binary as command-line arguments. The bug was disclosed last week before a patch was available through a mistake in the PHP Group\u2019s internal bug-handling system.\n\n\u201cThe PHP development team would like to announce the immediate availability of PHP 5.4.3 and PHP 5.3.13. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13\n\nThe releases complete a fix for a [vulnerability](<http://www.php.net/archive/2012.php#id2012-05-03-1>) in CGI-based setups (CVE-2012-2311). _Note: mod_php and php-fpm are not vulnerable to this attack,\u201d _the PHP developers said.\n\n\u201cPHP 5.4.3 fixes a buffer overflow vulnerability in the [apache_request_headers()](<http://php.net/manual/function.apache-request-headers.php>) (CVE-2012-2329). The PHP 5.3 series is not vulnerable to this issue.\u201d\n\nThe PHP Group [released a fix for the bug](<https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/>) late last week, but the researchers who discovered the flaw originally found that the new versions didn\u2019t completely address the problem and still left vulnerable sites exposed to attack. There are mitigations available for the bug, as explained by the [Eindbazen](<http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/>) team that found the flaw, but users should upgrade their installations as soon as they can.\n", "cvss3": {}, "published": "2012-05-09T14:32:23", "type": "threatpost", "title": "Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1823", "CVE-2012-1863", "CVE-2012-2311", "CVE-2012-2329"], "modified": "2013-04-17T16:32:16", "id": "THREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5", "href": "https://threatpost.com/another-set-php-releases-pushed-out-fix-cve-2012-1823-flaw-050912/76544/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2023-01-11T14:24:35", "description": "The remote Windows host is potentially affected by the following vulnerabilities :\n\n - Multiple code execution vulnerabilities exist in the handling of specially crafted TrueType font files.\n (CVE-2011-3402, CVE-2012-0159)\n\n - An insecure library loading vulnerability exists in the way that Microsoft Lync handles the loading of DLL files. (CVE-2012-1849)\n\n - An HTML sanitization vulnerability exists in the way that HTML is filtered. (CVE-2012-1858)", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "nessus", "title": "MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849", "CVE-2012-1858"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:office_communicator", "cpe:/a:microsoft:lync"], "id": "SMB_NT_MS12-039.NASL", "href": "https://www.tenable.com/plugins/nessus/59457", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59457);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\"CVE-2011-3402\", \"CVE-2012-0159\", \"CVE-2012-1849\", \"CVE-2012-1858\");\n script_bugtraq_id(50462, 53335, 53831, 53842);\n script_xref(name:\"EDB-ID\", value:\"19777\");\n script_xref(name:\"MSFT\", value:\"MS12-039\");\n script_xref(name:\"MSKB\", value:\"2693282\");\n script_xref(name:\"MSKB\", value:\"2693283\");\n script_xref(name:\"MSKB\", value:\"2696031\");\n script_xref(name:\"MSKB\", value:\"2702444\");\n script_xref(name:\"MSKB\", value:\"2708980\");\n\n script_name(english:\"MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)\");\n script_summary(english:\"Checks version of multiple files\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Arbitrary code can be executed on the remote host through Microsoft\nLync.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is potentially affected by the following\nvulnerabilities :\n\n - Multiple code execution vulnerabilities exist in the\n handling of specially crafted TrueType font files.\n (CVE-2011-3402, CVE-2012-0159)\n\n - An insecure library loading vulnerability exists in the\n way that Microsoft Lync handles the loading of DLL\n files. (CVE-2012-1849)\n\n - An HTML sanitization vulnerability exists in the way\n that HTML is filtered. (CVE-2012-1858)\");\n # http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7d49512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-129/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Aug/58\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-039\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Lync 2010, Lync 2010\nAttendee, Lync 2010 Attendant, and Communicator 2007 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_communicator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:lync\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin;\n\nfunction get_user_dirs()\n{\n local_var appdir, dirpat, domain, hklm, iter, lcpath, login, pass;\n local_var path, paths, pdir, port, rc, root, share, user, ver;\n\n paths = make_list();\n\n registry_init();\n hklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n pdir = get_registry_value(handle:hklm, item:\"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\ProfilesDirectory\");\n if (pdir && stridx(tolower(pdir), \"%systemdrive%\") == 0)\n {\n root = get_registry_value(handle:hklm, item:\"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRoot\");\n if (!isnull(root))\n {\n share = ereg_replace(string:root, pattern:\"^([A-Za-z]):.*\", replace:\"\\1:\");\n pdir = share + substr(pdir, strlen(\"%systemdrive%\"));\n }\n }\n RegCloseKey(handle:hklm);\n close_registry(close:FALSE);\n\n if (!pdir)\n return NULL;\n\n ver = get_kb_item(\"SMB/WindowsVersion\");\n\n share = ereg_replace(string:pdir, pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\");\n dirpat = ereg_replace(string:pdir, pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\*\");\n\n port = kb_smb_transport();\n if (!get_port_state(port)) audit(AUDIT_PORT_CLOSED, port);\n login = kb_smb_login();\n pass = kb_smb_password();\n domain = kb_smb_domain();\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel(close:FALSE);\n return NULL;\n }\n\n # 2000 / XP / 2003\n if (ver < 6)\n appdir += \"\\Local Settings\\Application Data\";\n # Vista / 7 / 2008\n else\n appdir += \"\\AppData\\Local\";\n\n paths = make_array();\n iter = FindFirstFile(pattern:dirpat);\n while (!isnull(iter[1]))\n {\n user = iter[1];\n iter = FindNextFile(handle:iter);\n\n if (user == \".\" || user == \"..\")\n continue;\n\n path = pdir + \"\\\" + user + appdir;\n\n lcpath = tolower(path);\n if (isnull(paths[lcpath]))\n paths[lcpath] = path;\n }\n\n NetUseDel(close:FALSE);\n\n return paths;\n}\n\nfunction check_vuln(file, fix, kb, key, min, paths)\n{\n local_var base, hklm, path, result, rc, share;\n\n if (!isnull(key))\n {\n registry_init();\n hklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n base = get_registry_value(handle:hklm, item:key);\n RegCloseKey(handle:hklm);\n close_registry(close:FALSE);\n\n if (isnull(base))\n return FALSE;\n }\n\n if (isnull(paths))\n paths = make_list(\"\");\n\n result = FALSE;\n foreach path (paths)\n {\n path = base + path;\n\n share = ereg_replace(string:path, pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\");\n if (!is_accessible_share(share:share))\n continue;\n\n rc = hotfix_check_fversion(file:file, version:fix, min_version:min, path:path, bulletin:bulletin, kb:kb);\n\n if (rc == HCF_OLDER)\n result = TRUE;\n }\n\n return result;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS12-039\";\nkbs = make_list(\"2693282\", \"2693283\", \"2696031\", \"2702444\", \"2708980\");\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\n# Add an extra node to the registry key if needed.\narch = get_kb_item_or_exit(\"SMB/ARCH\", exit_code:1);\nif (arch == \"x64\")\n extra = \"\\Wow6432Node\";\n\n######################################################################\n# Microsoft Communicator 2007 R2\n######################################################################\nvuln = check_vuln(\n key : \"SOFTWARE\\Microsoft\\Communicator\\InstallationDirectory\",\n file : \"Communicator.exe\",\n min : \"3.5.0.0\",\n fix : \"3.5.6907.253\",\n kb : \"2708980\"\n);\n\n######################################################################\n# Microsoft Lync 2010\n######################################################################\nif (!vuln)\n{\n vuln = check_vuln(\n key : \"SOFTWARE\" + extra + \"\\Microsoft\\Communicator\\InstallationDirectory\",\n file : \"Communicator.exe\",\n min : \"4.0.0.0\",\n fix : \"4.0.7577.4098\",\n kb : \"2693282\"\n );\n}\n\n######################################################################\n# Microsoft Lync 2010 Attendant\n######################################################################\nvuln = check_vuln(\n key : \"SOFTWARE\" + extra + \"\\Microsoft\\Attendant\\InstallationDirectory\",\n file : \"AttendantConsole.exe\",\n min : \"4.0.0.0\",\n fix : \"4.0.7577.4098\",\n kb : \"2702444\"\n) || vuln;\n\n######################################################################\n# Microsoft Lync 2010 Attendee (admin-level install)\n######################################################################\nvuln = check_vuln(\n key : \"SOFTWARE\\Microsoft\\AttendeeCommunicator\\InstallationDirectory\",\n file : \"CURes.dll\",\n min : \"4.0.0.0\",\n fix : \"4.0.7577.4098\",\n kb : \"2696031\"\n) || vuln;\n\n######################################################################\n# Microsoft Lync 2010 Attendee (user-level install)\n######################################################################\npaths = get_user_dirs();\n\nif (!isnull(paths))\n{\n vuln = check_vuln(\n paths : paths,\n file : \"\\Microsoft Lync Attendee\\System.dll\",\n min : \"4.0.0.0\",\n fix : \"4.0.60831.0\",\n kb : \"2693283\"\n ) || vuln;\n}\n\n# Disconnect from registry.\nclose_registry();\n\nif (vuln)\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n set_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\n hotfix_security_hole();\n\n hotfix_check_fversion_end();\n exit(0);\n}\n\nhotfix_check_fversion_end();\nexit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:24:30", "description": "The remote host is missing Internet Explorer (IE) Security Update 2699988.\n\nThe installed version of IE is affected by several vulnerabilities that could allow an attacker to execute arbitrary code on the remote host.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "nessus", "title": "MS12-037: Cumulative Security Update for Internet Explorer (2699988)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1523", "CVE-2012-1858", "CVE-2012-1872", "CVE-2012-1873", "CVE-2012-1874", "CVE-2012-1875", "CVE-2012-1876", "CVE-2012-1877", "CVE-2012-1878", "CVE-2012-1879", "CVE-2012-1880", "CVE-2012-1881", "CVE-2012-1882"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:ie", "cpe:/o:microsoft:windows"], "id": "SMB_NT_MS12-037.NASL", "href": "https://www.tenable.com/plugins/nessus/59455", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59455);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2012-1523\",\n \"CVE-2012-1858\",\n \"CVE-2012-1872\",\n \"CVE-2012-1873\",\n \"CVE-2012-1874\",\n \"CVE-2012-1875\",\n \"CVE-2012-1876\",\n \"CVE-2012-1877\",\n \"CVE-2012-1878\",\n \"CVE-2012-1879\",\n \"CVE-2012-1880\",\n \"CVE-2012-1881\",\n \"CVE-2012-1882\"\n );\n script_bugtraq_id(\n 53841,\n 53842,\n 53843,\n 53844,\n 53845,\n 53847,\n 53848,\n 53866,\n 53867,\n 53868,\n 53869,\n 53870,\n 53871\n );\n script_xref(name:\"EDB-ID\", value:\"19777\");\n script_xref(name:\"EDB-ID\", value:\"20174\");\n script_xref(name:\"EDB-ID\", value:\"24017\");\n script_xref(name:\"EDB-ID\", value:\"33944\");\n script_xref(name:\"EDB-ID\", value:\"35815\");\n script_xref(name:\"MSFT\", value:\"MS12-037\");\n script_xref(name:\"MSKB\", value:\"2699988\");\n\n script_name(english:\"MS12-037: Cumulative Security Update for Internet Explorer (2699988)\");\n script_summary(english:\"Checks version of Mshtml.dll\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by code execution vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing Internet Explorer (IE) Security Update\n2699988.\n\nThe installed version of IE is affected by several vulnerabilities\nthat could allow an attacker to execute arbitrary code on the remote\nhost.\");\n # http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7d49512\");\n # http://www.vupen.com/blog/20120710.Advanced_Exploitation_of_Internet_Explorer_HeapOv_CVE-2012-1876.php\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?18c6adba\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-093/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-190/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-192/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-193/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-194/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/523185/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/523186/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/523196/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-037\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,\nand 2008 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS12-037';\nkb = '2699988';\n\nkbs = make_list(kb);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nrootfile = hotfix_get_systemroot();\nif (!rootfile) exit(1, \"Failed to get the system root.\");\n\nshare = hotfix_path2share(path:rootfile);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 7 / 2008 R2\n #\n # - Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.1\", file:\"Mshtml.dll\", version:\"9.0.8112.20551\", min_version:\"9.0.8112.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", file:\"Mshtml.dll\", version:\"9.0.8112.16446\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Mshtml.dll\", version:\"8.0.7601.21976\", min_version:\"8.0.7601.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Mshtml.dll\", version:\"8.0.7601.17824\", min_version:\"8.0.7601.17000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Mshtml.dll\", version:\"8.0.7600.21198\", min_version:\"8.0.7600.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Mshtml.dll\", version:\"8.0.7600.17006\", min_version:\"8.0.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / 2008\n #\n # - Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"9.0.8112.20551\", min_version:\"9.0.8112.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"9.0.8112.16446\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.23359\", min_version:\"8.0.6001.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.19272\", min_version:\"8.0.6001.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 7\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6002.22838\", min_version:\"7.0.6002.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6002.18616\", min_version:\"7.0.6002.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 2003 / XP 64-bit\n #\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.23345\", min_version:\"8.0.6001.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.19258\", min_version:\"8.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 7\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6000.21312\", min_version:\"7.0.6000.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6000.17110\", min_version:\"7.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 6\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"6.0.3790.4986\", min_version:\"6.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows XP x86\n #\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"8.0.6001.23345\", min_version:\"8.0.6001.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"8.0.6001.19258\", min_version:\"8.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 7\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"7.0.6000.21312\", min_version:\"7.0.6000.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"7.0.6000.17110\", min_version:\"7.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 6\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"6.0.2900.6212\", min_version:\"6.0.2900.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb)\n)\n{\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}

MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)

Description

Related