Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-1257
HistoryJun 08, 2010 - 8:30 p.m.

CVE-2010-1257

2010-06-0820:30:02
CWE-79
[email protected]
web.nvd.nist.gov
8

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.712

Percentile

98.1%

JSON

Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization.

Affected configurations

Nvd
Node
microsoftoffice_infopathMatch2003sp3
OR
microsoftoffice_infopathMatch2007sp1
OR
microsoftoffice_infopathMatch2007sp2
Node
microsoftsharepoint_serverMatch2007sp1x32
OR
microsoftsharepoint_serverMatch2007sp1x64
OR
microsoftsharepoint_serverMatch2007sp2x32
OR
microsoftsharepoint_serverMatch2007sp2x64
Node
microsoftsharepoint_servicesMatch3.0sp1x32
OR
microsoftsharepoint_servicesMatch3.0sp1x64
OR
microsoftsharepoint_servicesMatch3.0sp2x32
OR
microsoftsharepoint_servicesMatch3.0sp2x64
Node
microsoftinternet_explorerMatch8
AND
microsoftwindows_2003_serversp2
OR
microsoftwindows_2003_serversp2x64
OR
microsoftwindows_7Match-
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008Matchr2itanium
OR
microsoftwindows_server_2008Matchr2x64
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_vistaMatch-sp1
OR
microsoftwindows_vistaMatch-sp2
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
VendorProductVersionCPE
microsoftoffice_infopath2003cpe:2.3:a:microsoft:office_infopath:2003:sp3:*:*:*:*:*:*
microsoftoffice_infopath2007cpe:2.3:a:microsoft:office_infopath:2007:sp1:*:*:*:*:*:*
microsoftoffice_infopath2007cpe:2.3:a:microsoft:office_infopath:2007:sp2:*:*:*:*:*:*
microsoftsharepoint_server2007cpe:2.3:a:microsoft:sharepoint_server:2007:sp1:x32:*:*:*:*:*
microsoftsharepoint_server2007cpe:2.3:a:microsoft:sharepoint_server:2007:sp1:x64:*:*:*:*:*
microsoftsharepoint_server2007cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*
microsoftsharepoint_server2007cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*
microsoftsharepoint_services3.0cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x32:*:*:*:*:*
microsoftsharepoint_services3.0cpe:2.3:a:microsoft:sharepoint_services:3.0:sp1:x64:*:*:*:*:*
microsoftsharepoint_services3.0cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x32:*:*:*:*:*
Rows per page:
1-10 of 281

Related

seebug 1
checkpoint_advisories 1
cve 2
cvelist 2
prion 2
openvas 4
nvd 1
securityvulns 4
nessus 2
mskb 1
seebug
seebug
Microsoft IE toStaticHTMLθ·¨εŸŸδΏ‘ζ―ζ³„ιœ²ζΌζ΄žοΌˆMS10-035οΌ‰
2010-06-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer toStaticHTML Information Disclosure (MS10-035; CVE-2010-1257)
2010-06-08 00:00:00
cve
cve
CVE-2010-1257
2010-06-08 20:30:02
CVE-2010-3324
2010-09-17 18:00:03
cvelist
cvelist
CVE-2010-1257
2010-06-08 20:00:00
CVE-2010-3324
2010-09-17 17:46:00
prion
prion
Cross site scripting
2010-06-08 20:30:00
Cross site scripting
2010-09-17 18:00:00
openvas
openvas
Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
2010-06-09 00:00:00
Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554)
2010-06-09 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (982381)
2010-06-09 00:00:00
nvd
nvd
CVE-2010-3324
2010-09-17 18:00:03
securityvulns
securityvulns
Microsoft SharePoint multiple security vulnerabilities
2010-06-09 00:00:00
Microsoft Security Bulletin MS10-039 - Important Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
2010-06-09 00:00:00
Microsoft Security Bulletin MS10-035 - Critical Cumulative Security Update for Internet Explorer (982381)
2010-06-08 00:00:00
nessus
nessus
MS10-039: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
2010-06-09 00:00:00
MS10-035: Cumulative Security Update for Internet Explorer (982381)
2010-06-09 00:00:00
mskb
mskb
MS10-035: Cumulative security update for Internet Explorer
2014-06-21 13:52:45

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.712

Percentile

98.1%

JSON
Related for NVD:CVE-2010-1257
seebug1checkpoint_advisories1cve2cvelist2prion2openvas4nvd1securityvulns4nessus2mskb1