MS11-074: Description of the security update for Microsoft SharePoint Foundation 2010: September 13, 2011

MS11-074: Description of the security update for Microsoft SharePoint Foundation 2010: September 13, 2011 INTRODUCTION Microsoft has released security bulletin MS11-074. To view the complete security bulletin, visit one of the following Microsoft websites: Home...

Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)

This host is missing an important security update according to Microsoft Bulletin MS10-072. OpenVAS Vulnerability Test $Id: secpodms10-072.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities 2412048 Authors: Rachana Shetty Copyright: Copyright...

Microsoft IE 8 toStaticHTML()函数不安全HTML过滤漏洞(MS10-071/MS10-072)

BUGTRAQ ID: 42467 CVECAN ID: CVE-2010-3324 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 IE8中对窗口对象提供了名为toStaticHTML的过滤方式。如果向这个函数传送了HTML字符串，在返回之前会删除所有可执行的脚本结构。例如，可使用toStaticHTML方式确保从postMessage调用所接收到的HTML无法执行脚本，但可利用基本格式： document.attachEvent'onmessage',functione if e.domain == 'weather.example.com'...

Microsoft Internet Explorer 8 toStaticHTML API Information Disclosure (MS10-072; CVE-2010-3243)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. An information disclosure vulnerability has been reported in the way that the toStaticHTML API sanitizes HTML. The vulnerability is due to the way that Internet Explorer handles content using specific...

Internet Explorer toStaticHTML API Cross-Site-Scripting (MS10-072; CVE-2010-3324)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. An information disclosure vulnerability has been reported in the way that the toStaticHTML API sanitizes HTML. The vulnerability is due to the way that Internet Explorer handles content using specific...