Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-3243
HistoryOct 13, 2010 - 7:00 p.m.

CVE-2010-3243

2010-10-1319:00:46
CWE-79
[email protected]
web.nvd.nist.gov
5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.919

Percentile

99.0%

JSON

Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka “HTML Sanitization Vulnerability.”

Affected configurations

Nvd
Node
microsoftsharepoint_serverMatch2007sp2x32
OR
microsoftsharepoint_serverMatch2007sp2x64
OR
microsoftsharepoint_servicesMatch3.0sp2x32
OR
microsoftsharepoint_servicesMatch3.0sp2x64
Node
microsoftinternet_explorerMatch8
AND
microsoftwindows_7Match-
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008Matchr2itanium
OR
microsoftwindows_server_2008Matchr2x64
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64
VendorProductVersionCPE
microsoftsharepoint_server2007cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*
microsoftsharepoint_server2007cpe:2.3:a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*
microsoftsharepoint_services3.0cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x32:*:*:*:*:*
microsoftsharepoint_services3.0cpe:2.3:a:microsoft:sharepoint_services:3.0:sp2:x64:*:*:*:*:*
microsoftinternet_explorer8cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
microsoftwindows_7-cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
microsoftwindows_server_2003*cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
Rows per page:
1-10 of 171

Related

cvelist 1
cve 1
prion 1
checkpoint_advisories 1
mskb 1
securityvulns 4
openvas 4
nessus 3
cvelist
cvelist
CVE-2010-3243
2010-10-13 18:00:00
cve
cve
CVE-2010-3243
2010-10-13 19:00:46
prion
prion
Cross site scripting
2010-10-13 19:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer 8 toStaticHTML API Information Disclosure (MS10-072; CVE-2010-3243)
2010-10-12 00:00:00
mskb
mskb
MS10-072: Vulnerabilities in Microsoft SharePoint could allow information disclosure
2012-05-11 22:40:26
securityvulns
securityvulns
Microsoft Security Bulletin MS10-072 - Important Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
2010-10-13 00:00:00
Microsoft Sharepoint SafeHTML crossite scripting
2010-10-13 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2010-10-13 00:00:00
openvas
openvas
Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
2011-09-22 00:00:00
Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)
2011-09-22 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2360131)
2010-10-13 00:00:00
nessus
nessus
MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) (remote check)
2010-10-18 00:00:00
MS10-072: Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
2010-10-13 00:00:00
MS10-071: Cumulative Security Update for Internet Explorer (2360131)
2010-10-13 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.919

Percentile

99.0%

JSON
Related for NVD:CVE-2010-3243
cvelist1cve1prion1checkpoint_advisories1mskb1securityvulns4openvas4nessus3