3 matches found
CVE-2010-1257
Cross-site scripting XSS vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or...
CVE-2010-1257
CVE-2010-1257 is described as an XSS flaw in the toStaticHTML API affecting InfoPath 2003/2007, SharePoint products, and IE8. Public docs here identify IE vulnerabilities addressed by MS10-035 (Internet Explorer cumulative security update) that resolves remote code execution/related issues. The C...
Internet Explorer toStaticHTML Information Disclosure (MS10-035; CVE-2010-1257)
An information disclosure vulnerability has been reported in Internet Explorer. The vulnerability is due to the way IInternet Explorer handles content using specific strings when sanitizing HTML. To trigger this issue, an attacker may create a malicious web page that will cause Internet Explorer ...