4 matches found
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing
No description provided by source. Name: Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information \ Disclosure Vulnerability Author: Adi Cohen of IBM Rational Application Security [email protected] Date: June 14, 2011 Risk: Medium CVE: CVE-2011-1252 Introduction ------------- The...
CVE-2011-1252
Cross-site scripting XSS vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint...
CVE-2011-1252
Cross-site scripting XSS vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint...
Microsoft Internet Explorer toStaticHTML Cross-Site-Scripting (MS11-050; CVE-2011-1252)
An information disclosure vulnerability exists in the way that Internet Explorer handles content using specific strings when sanitizing HTML. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web...