Microsoft Lync/Office Communicator HTML代码过滤漏洞 (CVE-2012-1858) (MS12-039)

2012-06-13T00:00:00

Description

CVE ID: CVE-2012-1858 Microsoft Lync 新一代企业整合沟通平台（前身为 Communications Server），提供了一种全新的、直观的用户体验，跨越 PC、Web、手机等其他移动设备，将不同的沟通方式集成到一个平台之中。 Microsoft Lync HTML过滤时存在信息泄露漏洞，可允许攻击者执行XSS攻击和运行脚本。 0 Microsoft Lync 2010 Microsoft Office Communicator 2007 临时解决方法：如果您不能立刻安装补丁或者升级，建议您采取以下措施以降低威胁： * 禁止从WebDAV和远程网络共享加载库。 * 在防火墙阻止TCP端口139和445 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS12-039）以及相应补丁: MS12-039：Vulnerabilities in Lync Could Allow Remote Code Execution (2707956) 链接：http://www.microsoft.com/technet/security/bulletin/MS12-039 .asp

{"sourceData": "", "status": "cve,details", "description": "CVE ID: CVE-2012-1858\r\n\r\nMicrosoft Lync \u65b0\u4e00\u4ee3\u4f01\u4e1a\u6574\u5408\u6c9f\u901a\u5e73\u53f0\uff08\u524d\u8eab\u4e3a Communications Server\uff09\uff0c\u63d0\u4f9b\u4e86\u4e00\u79cd\u5168\u65b0\u7684\u3001\u76f4\u89c2\u7684\u7528\u6237\u4f53\u9a8c\uff0c\u8de8\u8d8a PC\u3001Web\u3001\u624b\u673a\u7b49\u5176\u4ed6\u79fb\u52a8\u8bbe\u5907\uff0c\u5c06\u4e0d\u540c\u7684\u6c9f\u901a\u65b9\u5f0f\u96c6\u6210\u5230\u4e00\u4e2a\u5e73\u53f0\u4e4b\u4e2d\u3002\r\n\r\nMicrosoft Lync HTML\u8fc7\u6ee4\u65f6\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u53ef\u5141\u8bb8\u653b\u51fb\u8005\u6267\u884cXSS\u653b\u51fb\u548c\u8fd0\u884c\u811a\u672c\u3002\r\n0\r\nMicrosoft Lync 2010\r\nMicrosoft Office Communicator 2007\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n\u5982\u679c\u60a8\u4e0d\u80fd\u7acb\u523b\u5b89\u88c5\u8865\u4e01\u6216\u8005\u5347\u7ea7\uff0c\u5efa\u8bae\u60a8\u91c7\u53d6\u4ee5\u4e0b\u63aa\u65bd\u4ee5\u964d\u4f4e\u5a01\u80c1\uff1a\r\n\r\n* \u7981\u6b62\u4eceWebDAV\u548c\u8fdc\u7a0b\u7f51\u7edc\u5171\u4eab\u52a0\u8f7d\u5e93\u3002\r\n\r\n* \u5728\u9632\u706b\u5899\u963b\u6b62TCP\u7aef\u53e3139\u548c445\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS12-039\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nMS12-039\uff1aVulnerabilities in Lync Could Allow Remote Code Execution (2707956)\r\n\r\n\u94fe\u63a5\uff1ahttp://www.microsoft.com/technet/security/bulletin/MS12-039 .asp", "sourceHref": "", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-60209", "type": "seebug", "viewCount": 13, "references": [], "lastseen": "2017-11-19T17:51:37", "published": "2012-06-13T00:00:00", "cvelist": ["CVE-2012-1858"], "id": "SSV:60209", "enchantments_done": [], "modified": "2012-06-13T00:00:00", "title": "Microsoft Lync/Office Communicator HTML\u4ee3\u7801\u8fc7\u6ee4\u6f0f\u6d1e (CVE-2012-1858) (MS12-039)", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": -0.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2012-255", "CPAI-2012-309", "CPAI-2015-0698"]}, {"type": "cve", "idList": ["CVE-2012-1858"]}, {"type": "exploitdb", "idList": ["EDB-ID:19777"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A4C844F13ADB3E9DD54232C27BB897A6"]}, {"type": "mskb", "idList": ["KB2695502", "KB2699988"]}, {"type": "nessus", "idList": ["SMB_NT_MS12-037.NASL", "SMB_NT_MS12-039.NASL", "SMB_NT_MS12-050.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310902682", "OPENVAS:1361412562310902842", "OPENVAS:1361412562310902847", "OPENVAS:902682", "OPENVAS:902842"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:114615"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12404", "SECURITYVULNS:VULN:12406", "SECURITYVULNS:VULN:12466"]}, {"type": "seebug", "idList": ["SSV:73689"]}, {"type": "symantec", "idList": ["SMNTC-53842"]}]}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2015-0698"]}, {"type": "cve", "idList": ["CVE-2012-1858"]}, {"type": "exploitdb", "idList": ["EDB-ID:19777"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A4C844F13ADB3E9DD54232C27BB897A6"]}, {"type": "mskb", "idList": ["KB2695502"]}, {"type": "openvas", "idList": ["OPENVAS:902682"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12404"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2012-1858", "epss": "0.967790000", "percentile": "0.994130000", "modified": "2023-03-14"}], "vulnersScore": -0.4}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659961154, "score": 1683918140, "epss": 1678850553}, "_internal": {"score_hash": "f0115ec0785e823a5130c8e23ef069cd"}}

{"symantec": [{"lastseen": "2021-06-08T19:04:08", "description": "### Description\n\nMicrosoft Internet Explorer and Microsoft Lync are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft Groove Server 2010 \n * Microsoft Groove Server 2010 SP1 \n * Microsoft InfoPath 2007 SP2 \n * Microsoft InfoPath 2007 SP3 \n * Microsoft InfoPath 2010 (32-bit editions) \n * Microsoft InfoPath 2010 (64-bit editions) \n * Microsoft InfoPath 2010 SP1 (32-bit editions) \n * Microsoft Internet Explorer 8 \n * Microsoft Internet Explorer 9 \n * Microsoft Lync 2010 \n * Microsoft Lync 2010 Attendant (32-bit) \n * Microsoft Lync 2010 Attendant (64-bit) \n * Microsoft Lync 2010 Attendee \n * Microsoft Office Communicator 2007 R2 \n * Microsoft Office SharePoint Server 2007 SP2 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP2 \n * Microsoft Office SharePoint Server 2007 SP3 (64-bit) \n * Microsoft Office SharePoint Server 2007 SP3 \n * Microsoft Office Web Apps 2010 \n * Microsoft Office Web Apps 2010 SP1 \n * Microsoft SharePoint Foundation 2010 \n * Microsoft SharePoint Foundation 2010 SP1 \n * Microsoft SharePoint Server 2010 Enterprise Edition \n * Microsoft SharePoint Server 2010 SP1 \n * Microsoft SharePoint Server 2010 Standard Edition \n * Microsoft Windows SharePoint Services 3.0 SP2 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nWhen possible, run all software as a user with minimal privileges and limited access to system resources. Use additional precautions such as restrictive environments to insulate software that may potentially handle malicious content.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nVendor updates are available. Please see the references for details.\n", "cvss3": {}, "published": "2012-06-12T00:00:00", "type": "symantec", "title": "Microsoft Internet Explorer And Microsoft Lync HTML Sanitizing Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2012-06-12T00:00:00", "id": "SMNTC-53842", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/53842", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T19:56:15", "description": "An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way that the toStaticHTML API within Internet Explorer handles content using specific strings when sanitizing HTML. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted web page. Successful exploitation could allow an attacker to perform cross-site scripting attacks against affected users, resulting in script execution in the target's security context.", "cvss3": {}, "published": "2015-05-18T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Internet Explorer HTML Sanitization Information Disclosure (MS12-037) - Ver2 (CVE-2012-1858)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1858"], "modified": "2015-05-18T00:00:00", "id": "CPAI-2015-0698", "href": "", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-11-28T07:11:40", "description": "A cross-site scripting vulnerability has been reported in Microsoft SharePoint.", "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "checkpoint_advisories", "title": "Preemptive Protection against Microsoft SharePoint HTML Sanitization Cross-site Scripting (MS12-050; CVE-2012-1858)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-309", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T07:09:08", "description": "An information disclosure vulnerability has been reported in Microsoft Internet Explorer.", "cvss3": {}, "published": "2012-06-12T00:00:00", "type": "checkpoint_advisories", "title": "Internet Explorer HTML Sanitization Information Disclosure (MS12-039; CVE-2012-1858)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2022-11-27T00:00:00", "id": "CPAI-2012-255", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "seebug": [{"lastseen": "2017-11-19T16:51:07", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "title": "IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-73689", "id": "SSV:73689", "sourceData": "\n toStaticHTML: The Second Encounter (CVE-2012-1858)\r\n\r\n*HTML Sanitizing Bypass -\r\n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858>\r\n\r\nOriginal advisory -\r\nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\r\n\r\nIntroduction\r\n\r\nThe *toStaticHTML* component, which is found in Internet Explorer > 8,\r\nSharePoint and Lync is used to sanitize HTML fragments from dynamic and\r\npotentially malicious content.\r\n\r\nIf an attacker is able to break the filtering mechanism and pass malicious\r\ncode through this function, he/she may be able to perform HTML injection\r\nbased attacks (i.e. XSS).\r\n\r\nIt has been a year since the first\r\nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html>\r\nwas\r\npublished, we've now returned with a new bypass method.\r\n\r\nVulnerability\r\n\r\nAn attacker is able to create a specially formed CSS that will overcome *\r\ntoStaticHTML*'s security logic; therefore, after passing the specially\r\ncrafted CSS string through the *toStaticHTML* function, it will contain an\r\nexpression that triggers a JavaScript call.\r\n\r\nThe following JavaScript code demonstrates the vulnerability:\r\n\r\n*<script>document.write(toStaticHTML("<style>\r\ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{}\r\n</style><div>POC</div>"))</script>*\r\n\r\nIn this case the function's return value would be JavaScript executable:\r\n\r\n*<style>\r\ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style>\r\n<div>POC</div>*\r\n\r\n\r\n\r\nThe reason this code bypasses the filter engine is due to two reasons:\r\n\r\n 1. The filtering engine allows the string "expression(" to exists in\r\n "non-dangerous" locations within the CSS.\r\n 2. A bug in Internet Explorer's CSS parsing engine doesn't properly\r\n terminate strings that are opened inside brackets and closed outside of\r\n them.\r\n\r\nWhen combining these two factors the attacker is able to "confuse" the\r\nfiltering mechanism into "thinking" that a string is open when in fact it\r\nis terminated and vice versa. With this ability the attacker can trick the\r\nfiltering mechanism into entering a state of the selector context which is\r\nconsidered safer where in fact the code is just a new declaration of the\r\nsame selector, thus breaking the state machine and bypassing the filter.\r\n\r\n\r\n\r\nImpact\r\n\r\nEvery application that relies on the *toStaticHTML* component to sanitize\r\nuser supplied data had probably been vulnerable to XSS.\r\n\r\n\r\n\r\nRemediation\r\n\r\nMicrosoft has issued several updates to address this vulnerability.\r\n\r\nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037\r\n\r\nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039\r\n\r\nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-73689", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:23:57", "description": "", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "packetstorm", "title": "toStaticHTML HTML Sanitizing Bypass", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-1858"], "modified": "2012-07-11T00:00:00", "id": "PACKETSTORM:114615", "href": "https://packetstormsecurity.com/files/114615/toStaticHTML-HTML-Sanitizing-Bypass.html", "sourceData": "`toStaticHTML: The Second Encounter (CVE-2012-1858) \n \n*HTML Sanitizing Bypass - \n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858> \n \nOriginal advisory - \nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html \n \nIntroduction \n \nThe *toStaticHTML* component, which is found in Internet Explorer > 8, \nSharePoint and Lync is used to sanitize HTML fragments from dynamic and \npotentially malicious content. \n \nIf an attacker is able to break the filtering mechanism and pass malicious \ncode through this function, he/she may be able to perform HTML injection \nbased attacks (i.e. XSS). \n \nIt has been a year since the first \nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html> \nwas \npublished, we've now returned with a new bypass method. \n \nVulnerability \n \nAn attacker is able to create a specially formed CSS that will overcome * \ntoStaticHTML*'s security logic; therefore, after passing the specially \ncrafted CSS string through the *toStaticHTML* function, it will contain an \nexpression that triggers a JavaScript call. \n \nThe following JavaScript code demonstrates the vulnerability: \n \n*<script>document.write(toStaticHTML(\"<style> \ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{} \n</style><div>POC</div>\"))</script>* \n \nIn this case the function's return value would be JavaScript executable: \n \n*<style> \ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style> \n<div>POC</div>* \n \n \n \nThe reason this code bypasses the filter engine is due to two reasons: \n \n1. The filtering engine allows the string \"expression(\" to exists in \n\"non-dangerous\" locations within the CSS. \n2. A bug in Internet Explorer's CSS parsing engine doesn't properly \nterminate strings that are opened inside brackets and closed outside of \nthem. \n \nWhen combining these two factors the attacker is able to \"confuse\" the \nfiltering mechanism into \"thinking\" that a string is open when in fact it \nis terminated and vice versa. With this ability the attacker can trick the \nfiltering mechanism into entering a state of the selector context which is \nconsidered safer where in fact the code is just a new declaration of the \nsame selector, thus breaking the state machine and bypassing the filter. \n \n \n \nImpact \n \nEvery application that relies on the *toStaticHTML* component to sanitize \nuser supplied data had probably been vulnerable to XSS. \n \n \n \nRemediation \n \nMicrosoft has issued several updates to address this vulnerability. \n \nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037 \n \nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039 \n \nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050 \n`\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/114615/tostatichtml-xss.txt"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:32", "description": "\nMicrosoft Internet Explorer 9 SharePoint Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037MS12-039MS12-050)", "cvss3": {}, "published": "2012-07-12T00:00:00", "type": "exploitpack", "title": "Microsoft Internet Explorer 9 SharePoint Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037MS12-039MS12-050)", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1858"], "modified": "2012-07-12T00:00:00", "id": "EXPLOITPACK:A4C844F13ADB3E9DD54232C27BB897A6", "href": "", "sourceData": "toStaticHTML: The Second Encounter (CVE-2012-1858)\n\n*HTML Sanitizing Bypass -\n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858>\n\nOriginal advisory -\nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n\nIntroduction\n\nThe *toStaticHTML* component, which is found in Internet Explorer > 8,\nSharePoint and Lync is used to sanitize HTML fragments from dynamic and\npotentially malicious content.\n\nIf an attacker is able to break the filtering mechanism and pass malicious\ncode through this function, he/she may be able to perform HTML injection\nbased attacks (i.e. XSS).\n\nIt has been a year since the first\nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html>\nwas\npublished, we've now returned with a new bypass method.\n\nVulnerability\n\nAn attacker is able to create a specially formed CSS that will overcome *\ntoStaticHTML*'s security logic; therefore, after passing the specially\ncrafted CSS string through the *toStaticHTML* function, it will contain an\nexpression that triggers a JavaScript call.\n\nThe following JavaScript code demonstrates the vulnerability:\n\n*<script>document.write(toStaticHTML(\"<style>\ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{}\n</style><div>POC</div>\"))</script>*\n\nIn this case the function's return value would be JavaScript executable:\n\n*<style>\ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style>\n<div>POC</div>*\n\n\n\nThe reason this code bypasses the filter engine is due to two reasons:\n\n 1. The filtering engine allows the string \"expression(\" to exists in\n \"non-dangerous\" locations within the CSS.\n 2. A bug in Internet Explorer's CSS parsing engine doesn't properly\n terminate strings that are opened inside brackets and closed outside of\n them.\n\nWhen combining these two factors the attacker is able to \"confuse\" the\nfiltering mechanism into \"thinking\" that a string is open when in fact it\nis terminated and vice versa. With this ability the attacker can trick the\nfiltering mechanism into entering a state of the selector context which is\nconsidered safer where in fact the code is just a new declaration of the\nsame selector, thus breaking the state machine and bypassing the filter.\n\n\n\nImpact\n\nEvery application that relies on the *toStaticHTML* component to sanitize\nuser supplied data had probably been vulnerable to XSS.\n\n\n\nRemediation\n\nMicrosoft has issued several updates to address this vulnerability.\n\nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037\n\nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039\n\nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-06-05T14:13:56", "description": "The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka \"HTML Sanitization Vulnerability.\"", "cvss3": {}, "published": "2012-06-12T22:55:00", "type": "cve", "title": "CVE-2012-1858", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1858"], "modified": "2021-07-23T15:12:00", "cpe": ["cpe:/a:microsoft:lync:2010", "cpe:/a:microsoft:office_communicator:2007", "cpe:/a:microsoft:internet_explorer:8", "cpe:/a:microsoft:internet_explorer:9"], "id": "CVE-2012-1858", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1858", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:microsoft:office_communicator:2007:r2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:lync:2010:*:x86:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:lync:2010:*:x64:*:*:*:*:*", "cpe:2.3:a:microsoft:lync:2010:*:attendee:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2023-06-05T15:36:47", "description": "", "cvss3": {}, "published": "2012-07-12T00:00:00", "type": "exploitdb", "title": "Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050)", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["2012-1858", "CVE-2012-1858"], "modified": "2012-07-12T00:00:00", "id": "EDB-ID:19777", "href": "https://www.exploit-db.com/exploits/19777", "sourceData": "toStaticHTML: The Second Encounter (CVE-2012-1858)\n\n*HTML Sanitizing Bypass -\n*CVE-2012-1858<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858>\n\nOriginal advisory -\nhttp://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n\nIntroduction\n\nThe *toStaticHTML* component, which is found in Internet Explorer > 8,\nSharePoint and Lync is used to sanitize HTML fragments from dynamic and\npotentially malicious content.\n\nIf an attacker is able to break the filtering mechanism and pass malicious\ncode through this function, he/she may be able to perform HTML injection\nbased attacks (i.e. XSS).\n\nIt has been a year since the first\nencounter<http://blog.watchfire.com/wfblog/2011/07/tostatichtml-html-sanitizing-bypass.html>\nwas\npublished, we've now returned with a new bypass method.\n\nVulnerability\n\nAn attacker is able to create a specially formed CSS that will overcome *\ntoStaticHTML*'s security logic; therefore, after passing the specially\ncrafted CSS string through the *toStaticHTML* function, it will contain an\nexpression that triggers a JavaScript call.\n\nThe following JavaScript code demonstrates the vulnerability:\n\n*<script>document.write(toStaticHTML(\"<style>\ndiv{font-family:rgb('0,0,0)'''}foo');color=expression(alert(1));{}\n</style><div>POC</div>\"))</script>*\n\nIn this case the function's return value would be JavaScript executable:\n\n*<style>\ndiv{font-family:rgb('0,0,0)''';}foo');color=expression(alert(1));{;}</style>\n<div>POC</div>*\n\n\n\nThe reason this code bypasses the filter engine is due to two reasons:\n\n 1. The filtering engine allows the string \"expression(\" to exists in\n \"non-dangerous\" locations within the CSS.\n 2. A bug in Internet Explorer's CSS parsing engine doesn't properly\n terminate strings that are opened inside brackets and closed outside of\n them.\n\nWhen combining these two factors the attacker is able to \"confuse\" the\nfiltering mechanism into \"thinking\" that a string is open when in fact it\nis terminated and vice versa. With this ability the attacker can trick the\nfiltering mechanism into entering a state of the selector context which is\nconsidered safer where in fact the code is just a new declaration of the\nsame selector, thus breaking the state machine and bypassing the filter.\n\n\n\nImpact\n\nEvery application that relies on the *toStaticHTML* component to sanitize\nuser supplied data had probably been vulnerable to XSS.\n\n\n\nRemediation\n\nMicrosoft has issued several updates to address this vulnerability.\n\nMS12-037 - http://technet.microsoft.com/en-us/security/bulletin/ms12-037\n\nMS12-039 - http://technet.microsoft.com/en-us/security/bulletin/ms12-039\n\nMS12-050 - http://technet.microsoft.com/en-us/security/bulletin/MS12-050", "sourceHref": "https://gitlab.com/exploit-database/exploitdb/-/raw/main/exploits/windows/dos/19777.txt", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2017-07-14T10:50:56", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Lync Remote Code Execution Vulnerabilities (2707956)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849"], "modified": "2017-06-29T00:00:00", "id": "OPENVAS:902842", "href": "http://plugins.openvas.org/nasl.php?oid=902842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms12-039.nasl 6473 2017-06-29 06:07:30Z cfischer $\n#\n# Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow an attacker to execute arbitrary code\n with kernel-level privileges. Failed exploit attempts may result in a\n denial of service condition.\n Impact Level: System/Application\";\ntag_affected = \"Microsoft Lync 2010\n Microsoft Lync 2010 Attendee\n Microsoft Lync 2010 Attendant\n Microsoft Communicator 2007 R2\";\ntag_insight = \"- An error within the Win32k kernel-mode driver (win32k.sys) when parsing\n TrueType fonts.\n - An error in the t2embed.dll module when parsing TrueType fonts.\n - The client loads libraries in an insecure manner, which can be exploited\n to load arbitrary libraries by tricking a user into opening a '.ocsmeet'\n file located on a remote WebDAV or SMB share.\n - An unspecified error in the 'SafeHTML' API when sanitising HTML code can\n be exploited to execute arbitrary HTML and script code in the user's chat\n session.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms12-039\";\ntag_summary = \"This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.\";\n\nif(description)\n{\n script_id(902842);\n script_version(\"$Revision: 6473 $\");\n script_bugtraq_id(50462, 53335, 53831, 53833);\n script_cve_id(\"CVE-2011-3402\", \"CVE-2012-0159\", \"CVE-2012-1849\", \"CVE-2012-1858\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-29 08:07:30 +0200 (Thu, 29 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 11:11:11 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/48429\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1027150\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms12-039\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_lync_detect_win.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Lync/Installed\");\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\npath = \"\";\noglVer = \"\";\nattVer = \"\";\ncommVer = \"\";\n\n## Check for Microsoft Lync 2010/Communicator 2007 R2\nif(get_kb_item(\"MS/Lync/Ver\"))\n{\n ## Get Installed Path\n path = get_kb_item(\"MS/Lync/path\");\n if(path)\n {\n ## Get Version from communicator.exe\n commVer = fetch_file_version(sysPath:path, file_name:\"communicator.exe\");\n if(commVer)\n {\n if(version_in_range(version:commVer, test_version:\"3.5\", test_version2:\"3.5.6907.252\")||\n version_in_range(version:commVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n\n## For Microsoft Lync 2010 Attendee (admin level install) \n## For Microsoft Lync 2010 Attendee (user level install) \nif(get_kb_item(\"MS/Lync/Attendee/Ver\"))\n{\n ## Get Installed Path\n path = get_kb_item(\"MS/Lync/Attendee/path\");\n if(path)\n {\n ## Get Version from Ogl.dll\n oglVer = fetch_file_version(sysPath:path, file_name:\"Ogl.dll\");\n if(oglVer)\n {\n if(version_in_range(version:oglVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n\n## Check for Microsoft Lync 2010 Attendant\nif(get_kb_item(\"MS/Lync/Attendant/Ver\"))\n{\n ## Get Installed Path\n path = get_kb_item(\"MS/Lync/Attendant/path\");\n if(path)\n {\n ## Get Version from AttendantConsole.exe\n attVer = fetch_file_version(sysPath:path, file_name:\"AttendantConsole.exe\");\n if(attVer)\n {\n if(version_in_range(version:attVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message(0);\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-10T19:55:18", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Lync Remote Code Execution Vulnerabilities (2707956)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902842\");\n script_version(\"2020-06-09T10:15:40+0000\");\n script_bugtraq_id(50462, 53335, 53831, 53833);\n script_cve_id(\"CVE-2011-3402\", \"CVE-2012-0159\", \"CVE-2012-1849\", \"CVE-2012-1858\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 10:15:40 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 11:11:11 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Lync Remote Code Execution Vulnerabilities (2707956)\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1027150\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-039\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_ms_lync_detect_win.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Lync/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an attacker to execute arbitrary code\n with kernel-level privileges. Failed exploit attempts may result in a\n denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Lync 2010\n\n - Microsoft Lync 2010 Attendee\n\n - Microsoft Lync 2010 Attendant\n\n - Microsoft Communicator 2007 R2\");\n\n script_tag(name:\"insight\", value:\"- An error within the Win32k kernel-mode driver (win32k.sys) when parsing\n TrueType fonts.\n\n - An error in the t2embed.dll module when parsing TrueType fonts.\n\n - The client loads libraries in an insecure manner, which can be exploited\n to load arbitrary libraries by tricking a user into opening a '.ocsmeet'\n file located on a remote WebDAV or SMB share.\n\n - An unspecified error in the 'SafeHTML' API when sanitising HTML code can\n be exploited to execute arbitrary HTML and script code in the user's chat\n session.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security update according to\n Microsoft Bulletin MS12-039.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(get_kb_item(\"MS/Lync/Ver\"))\n{\n path = get_kb_item(\"MS/Lync/path\");\n if(path)\n {\n commVer = fetch_file_version(sysPath:path, file_name:\"communicator.exe\");\n if(commVer)\n {\n if(version_in_range(version:commVer, test_version:\"3.5\", test_version2:\"3.5.6907.252\")||\n version_in_range(version:commVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\n## For Microsoft Lync 2010 Attendee (admin level install)\n## For Microsoft Lync 2010 Attendee (user level install)\nif(get_kb_item(\"MS/Lync/Attendee/Ver\"))\n{\n path = get_kb_item(\"MS/Lync/Attendee/path\");\n if(path)\n {\n oglVer = fetch_file_version(sysPath:path, file_name:\"Ogl.dll\");\n if(oglVer)\n {\n if(version_in_range(version:oglVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\nif(get_kb_item(\"MS/Lync/Attendant/Ver\"))\n{\n path = get_kb_item(\"MS/Lync/Attendant/path\");\n if(path)\n {\n attVer = fetch_file_version(sysPath:path, file_name:\"AttendantConsole.exe\");\n if(attVer)\n {\n if(version_in_range(version:attVer, test_version:\"4.0\", test_version2:\"4.0.7577.4097\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-19T17:41:45", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS12-050.", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "openvas", "title": "Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1862", "CVE-2012-1858", "CVE-2012-1863", "CVE-2012-1861", "CVE-2012-1860", "CVE-2012-1859"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310902847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902847", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902847\");\n script_version(\"2020-05-15T08:09:24+0000\");\n script_bugtraq_id(53842, 54312, 54313, 54314, 54315, 54316);\n script_cve_id(\"CVE-2012-1858\", \"CVE-2012-1859\", \"CVE-2012-1860\", \"CVE-2012-1861\",\n \"CVE-2012-1862\", \"CVE-2012-1863\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 08:09:24 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-07-11 11:11:11 +0530 (Wed, 11 Jul 2012)\");\n script_name(\"Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1027232\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-050\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"smb_reg_service_pack.nasl\", \"gb_ms_sharepoint_sever_n_foundation_detect.nasl\", \"secpod_office_products_version_900032.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow an attacker to bypass certain security\n restrictions and conduct cross-site scripting and spoofing attacks.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft InfoPath 2010\n\n - Microsoft Groove Server 2010\n\n - Microsoft Office Web Apps 2010\n\n - Microsoft SharePoint Server 2010\n\n - Microsoft SharePoint Foundation 2010\n\n - Microsoft InfoPath 2007 Service Pack 2\n\n - Microsoft InfoPath 2007 Service Pack 3\n\n - Microsoft InfoPath 2010 Service Pack 1\n\n - Microsoft Groove Server 2010 Service Pack 1\n\n - Microsoft Office Web Apps 2010 Service Pack 1\n\n - Microsoft SharePoint Server 2010 Service Pack 1\n\n - Microsoft SharePoint Foundation 2010 Service Pack 1\n\n - Microsoft Office SharePoint Server 2007 Service Pack 2\n\n - Microsoft Office SharePoint Server 2007 Service Pack 3\n\n - Microsoft Windows SharePoint Services 3.0 Service Pack 2\");\n\n script_tag(name:\"insight\", value:\"- Certain input is not properly sanitised in the 'SafeHTML' API before being\n returned to the user.\n\n - Certain unspecified input is not properly sanitised in scriptresx.ashx\n before being returned to the user. This can be exploited to execute\n arbitrary HTML and script code in a user's browser session in context of\n an affected site.\n\n - An error when validating search scope permissions can be exploited to view\n or modify another user's search scope.\n\n - Certain unspecified input associated with a username is not properly\n sanitised before being returned to the user. This can be exploited to\n execute arbitrary HTML and script code in a user's browser session in\n context of an affected site.\n\n - Certain unspecified input associated with a URL is not properly verified\n before being used to redirect users. This can be exploited to redirect a\n user to an arbitrary website.\n\n - Certain unspecified input associated with a reflected list parameter is\n not properly sanitised before being returned to the user. This can be\n exploited to execute arbitrary HTML and script code in a user's browser\n session in context of an affected site.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS12-050.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## InfoPath 2007 and InfoPath 2010\nkeys = make_list(\"SOFTWARE\\Microsoft\\Office\\12.0\\InfoPath\\InstallRoot\",\n \"SOFTWARE\\Microsoft\\Office\\14.0\\InfoPath\\InstallRoot\");\nforeach key(keys)\n{\n if(registry_key_exists(key:key))\n {\n infoPath = registry_get_sz(key:key, item:\"Path\");\n\n if(infoPath)\n {\n exeVer = fetch_file_version(sysPath:infoPath, file_name:\"Infopath.Exe\");\n dllVer = fetch_file_version(sysPath:infoPath, file_name:\"Ipeditor.dll\");\n if((exeVer &&\n (version_in_range(version:exeVer, test_version:\"12.0\", test_version2:\"12.0.6661.4999\") ||\n version_in_range(version:exeVer, test_version:\"14.0\", test_version2:\"14.0.6120.4999\"))) ||\n (dllVer &&\n (version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6661.4999\") ||\n version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6120.4999\"))))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n\n## Microsoft Groove 2010\nexeVer = get_kb_item(\"SMB/Office/Groove/Version\");\nif(exeVer && exeVer =~ \"^14\\.\")\n{\n key = \"SOFTWARE\\Microsoft\\Office Server\\14.0\\Groove\";\n if(registry_key_exists(key:key))\n {\n dllPath = registry_get_sz(key:key, item:\"EMSInstallDir\");\n if(dllPath)\n {\n dllVer = fetch_file_version(sysPath:dllPath, file_name:\"groovems.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6116.4999\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\ncpe_list = make_list(\"cpe:/a:microsoft:sharepoint_server\", \"cpe:/a:microsoft:sharepoint_foundation\", \"cpe:/a:microsoft:sharepoint_services\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\ncpe = infos[\"cpe\"];\n\n## SharePoint Server 2007 and 2010\nif(\"cpe:/a:microsoft:sharepoint_server\" >< cpe)\n{\n ## SharePoint Server 2007 Service Pack 2 (coreserver)\n if(vers =~ \"^12\\.\"){\n key = \"SOFTWARE\\Microsoft\\Office Server\\12.0\";\n file = \"Microsoft.sharepoint.publishing.dll\";\n }\n\n ## SharePoint Server 2010 (wosrv)\n else if(vers =~ \"^14\\.\"){\n key = \"SOFTWARE\\Microsoft\\Office Server\\14.0\";\n file = \"Microsoft.office.server.native.dll\";\n }\n\n if(key && registry_key_exists(key:key) && file)\n {\n if(path = registry_get_sz(key:key, item:\"BinPath\"))\n {\n dllVer = fetch_file_version(sysPath:path, file_name:file);\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6660.4999\") ||\n version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6108.4999\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\n## SharePoint Foundation 2010\nif(\"cpe:/a:microsoft:sharepoint_foundation\" >< cpe)\n{\n key = \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\14.0\";\n if(registry_key_exists(key:key))\n {\n dllPath = registry_get_sz(key:key, item:\"Location\");\n if(dllPath)\n {\n dllVer = fetch_file_version(sysPath:dllPath, file_name:\"BIN\\Onetutil.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.6120.5004\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\n## SharePoint Services 3.0 and 2.0\nif(\"cpe:/a:microsoft:sharepoint_services\" >< cpe)\n{\n key = \"SOFTWARE\\Microsoft\\Shared Tools\";\n if(registry_key_exists(key:key))\n {\n dllPath = registry_get_sz(key:key, item:\"SharedFilesDir\");\n if(dllPath)\n {\n dllVer = fetch_file_version(sysPath:dllPath, file_name:\"web server extensions\\12\\BIN\\Onetutil.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"12.0\", test_version2:\"12.0.6661.4999\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n\n dllVer2 = fetch_file_version(sysPath:dllPath, file_name:\"web server extensions\\60\\BIN\\Onetutil.dll\");\n if(dllVer2 && dllVer2 =~ \"^11\\.0\")\n {\n if(version_is_less(version:dllVer2, test_version:\"11.0.8346.0\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n }\n}\n\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-20T08:50:17", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Internet Explorer Multiple Vulnerabilities (2699988)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2017-07-05T00:00:00", "id": "OPENVAS:902682", "href": "http://plugins.openvas.org/nasl.php?oid=902682", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms12-037.nasl 6526 2017-07-05 05:43:52Z cfischer $\n#\n# Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow remote attackers to gain sensitive\n information or execute arbitrary code in the context of the application.\n Impact Level: System/Application\";\ntag_affected = \"Microsoft Internet Explorer version 6.x/7.x/8.x/9.x\";\ntag_insight = \"Multiple vulnerabilities are due to the way that Internet Explorer,\n - Handles content using specific strings when sanitizing HTML.\n - Handles EUC-JP character encoding.\n - Processes NULL bytes, which allows to disclose content from the process\n memory.\n - Accesses an object that has been deleted, which allows to corrupt memory\n using Internet Explorer Developer Toolbar.\n - Accesses an object that does not exist, when handling the 'Col' element.\n - Accesses an object that has been deleted, when handling Same ID Property,\n 'Title' element, 'OnBeforeDeactivate' event, 'insertRow' method and\n 'OnRowsInserted' event allows to corrupt memory.\n - Accesses an undefined memory location, when handling the\n 'insertAdjacentText' method allows to corrupt memory.\n - Handles 'Scrolling' event.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms12-037\";\ntag_summary = \"This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.\";\n\nif(description)\n{\n script_id(902682);\n script_version(\"$Revision: 6526 $\");\n script_cve_id(\"CVE-2012-1523\", \"CVE-2012-1858\", \"CVE-2012-1872\", \"CVE-2012-1873\",\n \"CVE-2012-1874\", \"CVE-2012-1875\", \"CVE-2012-1876\", \"CVE-2012-1877\",\n \"CVE-2012-1878\", \"CVE-2012-1879\", \"CVE-2012-1880\", \"CVE-2012-1881\",\n \"CVE-2012-1882\");\n script_bugtraq_id(53841, 53842, 53843, 53844, 53845, 53847, 53848, 53866,\n 53867, 53868, 53869, 53870, 53871);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-05 07:43:52 +0200 (Wed, 05 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 09:16:32 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_ie_detect.nasl\");\n script_mandatory_keys(\"MS/IE/Version\");\n script_require_ports(139, 445);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/49412/\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2699988\");\n script_xref(name : \"URL\" , value : \"http://www.securitytracker.com/id/1027147\");\n script_xref(name : \"URL\" , value : \"http://www.securelist.com/en/advisories/49412\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms12-037\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n## Variables Initialization\nsysPath = \"\";\nieVer = \"\";\ndllVer = NULL;\n\n## Check for OS and Service Pack\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win2008:3, win7:2) <= 0){\n exit(0);\n}\n\n## Get IE Version from KB\nieVer = get_kb_item(\"MS/IE/Version\");\nif(!ieVer || !(ieVer =~ \"^(6|7|8|9)\")){\n exit(0);\n}\n\n## Get System Path\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\n## Get Version from Mshtml.dll\ndllVer = fetch_file_version(sysPath, file_name:\"system32\\Mshtml.dll\");\nif(!dllVer){\n exit(0);\n}\n\n## Windows XP\nif(hotfix_check_sp(xp:4) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"6.0.2900.0000\", test_version2:\"6.0.2900.6211\")||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.20000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message(0);\n }\n exit(0);\n}\n\n## Windows 2003\nelse if(hotfix_check_sp(win2003:3) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"6.0.3790.0000\", test_version2:\"6.0.3790.4985\") ||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.21000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message(0);\n }\n exit(0);\n}\n\n## Windows Vista and Windows Server 2008\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"7.0.6002.18000\", test_version2:\"7.0.6002.18615\")||\n version_in_range(version:dllVer, test_version:\"7.0.6002.22000\", test_version2:\"7.0.6002.22837\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19271\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23358\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message(0);\n }\n exit(0);\n}\n\n## Windows 7\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n ## Check for Mshtml.dll version\n if(version_in_range(version:dllVer, test_version:\"8.0.7600.16000\", test_version2:\"8.0.7600.17005\")||\n version_in_range(version:dllVer, test_version:\"8.0.7600.20000\", test_version2:\"8.0.7600.21197\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.16000\", test_version2:\"8.0.7601.17823\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.21000\", test_version2:\"8.0.7601.21975\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-10T19:59:47", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "openvas", "title": "Microsoft Internet Explorer Multiple Vulnerabilities (2699988)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310902682", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902682", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902682\");\n script_version(\"2020-06-09T10:15:40+0000\");\n script_cve_id(\"CVE-2012-1523\", \"CVE-2012-1858\", \"CVE-2012-1872\", \"CVE-2012-1873\",\n \"CVE-2012-1874\", \"CVE-2012-1875\", \"CVE-2012-1876\", \"CVE-2012-1877\",\n \"CVE-2012-1878\", \"CVE-2012-1879\", \"CVE-2012-1880\", \"CVE-2012-1881\",\n \"CVE-2012-1882\");\n script_bugtraq_id(53841, 53842, 53843, 53844, 53845, 53847, 53848, 53866,\n 53867, 53868, 53869, 53870, 53871);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 10:15:40 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-06-13 09:16:32 +0530 (Wed, 13 Jun 2012)\");\n script_name(\"Microsoft Internet Explorer Multiple Vulnerabilities (2699988)\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_ie_detect.nasl\");\n script_mandatory_keys(\"MS/IE/Version\");\n script_require_ports(139, 445);\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to gain sensitive\n information or execute arbitrary code in the context of the application.\");\n\n script_tag(name:\"affected\", value:\"Microsoft Internet Explorer version 6.x/7.x/8.x/9.x.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities are due to the way that Internet Explorer,\n\n - Handles content using specific strings when sanitizing HTML.\n\n - Handles EUC-JP character encoding.\n\n - Processes NULL bytes, which allows to disclose content from the process\n memory.\n\n - Accesses an object that has been deleted, which allows to corrupt memory\n using Internet Explorer Developer Toolbar.\n\n - Accesses an object that does not exist, when handling the 'Col' element.\n\n - Accesses an object that has been deleted, when handling Same ID Property,\n 'Title' element, 'OnBeforeDeactivate' event, 'insertRow' method and\n 'OnRowsInserted' event allows to corrupt memory.\n\n - Accesses an undefined memory location, when handling the\n 'insertAdjacentText' method allows to corrupt memory.\n\n - Handles 'Scrolling' event.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing a critical security update according to\n Microsoft Bulletin MS12-037.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2699988\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1027147\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/49412\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win2008:3, win7:2) <= 0){\n exit(0);\n}\n\nieVer = get_kb_item(\"MS/IE/Version\");\nif(!ieVer || ieVer !~ \"^[6-9]\\.\"){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath ){\n exit(0);\n}\n\ndllVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Mshtml.dll\");\nif(!dllVer){\n exit(0);\n}\n\nif(hotfix_check_sp(xp:4) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"6.0.2900.0000\", test_version2:\"6.0.2900.6211\")||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.20000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nelse if(hotfix_check_sp(win2003:3) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"6.0.3790.0000\", test_version2:\"6.0.3790.4985\") ||\n version_in_range(version:dllVer, test_version:\"7.0.0000.00000\", test_version2:\"7.0.6000.17109\")||\n version_in_range(version:dllVer, test_version:\"7.0.6000.21000\", test_version2:\"7.0.6000.21311\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19257\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23344\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"7.0.6002.18000\", test_version2:\"7.0.6002.18615\")||\n version_in_range(version:dllVer, test_version:\"7.0.6002.22000\", test_version2:\"7.0.6002.22837\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.18000\", test_version2:\"8.0.6001.19271\")||\n version_in_range(version:dllVer, test_version:\"8.0.6001.20000\", test_version2:\"8.0.6001.23358\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n if(version_in_range(version:dllVer, test_version:\"8.0.7600.16000\", test_version2:\"8.0.7600.17005\")||\n version_in_range(version:dllVer, test_version:\"8.0.7600.20000\", test_version2:\"8.0.7600.21197\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.16000\", test_version2:\"8.0.7601.17823\")||\n version_in_range(version:dllVer, test_version:\"8.0.7601.21000\", test_version2:\"8.0.7601.21975\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.16000\", test_version2:\"9.0.8112.16445\")||\n version_in_range(version:dllVer, test_version:\"9.0.8112.20000\", test_version2:\"9.0.8112.20550\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:02:41", "description": "Font parsing vulnerabilities, unsafe DLL loading, crossite scripting.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "securityvulns", "title": "Mictosoft Lync multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849"], "modified": "2012-06-13T00:00:00", "id": "SECURITYVULNS:VULN:12406", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12406", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:47", "description": "Crossite scripting, URL redirection.", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "securityvulns", "title": "Microsoft Sharepoint multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1862", "CVE-2012-1858", "CVE-2012-1863", "CVE-2012-1861", "CVE-2012-1860", "CVE-2012-1859"], "modified": "2012-07-11T00:00:00", "id": "SECURITYVULNS:VULN:12466", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12466", "sourceData": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:16:47", "description": "Multiple memory corruptions, code executions, information leakage.", "cvss3": {}, "published": "2012-06-25T00:00:00", "type": "securityvulns", "title": "Microsoft Internet Explorer multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2012-06-25T00:00:00", "id": "SECURITYVULNS:VULN:12404", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12404", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-05-18T14:23:53", "description": "The remote Windows host is potentially affected by the following vulnerabilities :\n\n - Multiple code execution vulnerabilities exist in the handling of specially crafted TrueType font files.\n (CVE-2011-3402, CVE-2012-0159)\n\n - An insecure library loading vulnerability exists in the way that Microsoft Lync handles the loading of DLL files. (CVE-2012-1849)\n\n - An HTML sanitization vulnerability exists in the way that HTML is filtered. (CVE-2012-1858)", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "nessus", "title": "MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3402", "CVE-2012-0159", "CVE-2012-1849", "CVE-2012-1858"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:office_communicator", "cpe:/a:microsoft:lync"], "id": "SMB_NT_MS12-039.NASL", "href": "https://www.tenable.com/plugins/nessus/59457", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59457);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\"CVE-2011-3402\", \"CVE-2012-0159\", \"CVE-2012-1849\", \"CVE-2012-1858\");\n script_bugtraq_id(50462, 53335, 53831, 53842);\n script_xref(name:\"EDB-ID\", value:\"19777\");\n script_xref(name:\"MSFT\", value:\"MS12-039\");\n script_xref(name:\"MSKB\", value:\"2693282\");\n script_xref(name:\"MSKB\", value:\"2693283\");\n script_xref(name:\"MSKB\", value:\"2696031\");\n script_xref(name:\"MSKB\", value:\"2702444\");\n script_xref(name:\"MSKB\", value:\"2708980\");\n\n script_name(english:\"MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956)\");\n script_summary(english:\"Checks version of multiple files\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Arbitrary code can be executed on the remote host through Microsoft\nLync.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is potentially affected by the following\nvulnerabilities :\n\n - Multiple code execution vulnerabilities exist in the\n handling of specially crafted TrueType font files.\n (CVE-2011-3402, CVE-2012-0159)\n\n - An insecure library loading vulnerability exists in the\n way that Microsoft Lync handles the loading of DLL\n files. (CVE-2012-1849)\n\n - An HTML sanitization vulnerability exists in the way\n that HTML is filtered. (CVE-2012-1858)\");\n # http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7d49512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-129/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Aug/58\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-039\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Lync 2010, Lync 2010\nAttendee, Lync 2010 Attendant, and Communicator 2007 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_communicator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:lync\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin;\n\nfunction get_user_dirs()\n{\n local_var appdir, dirpat, domain, hklm, iter, lcpath, login, pass;\n local_var path, paths, pdir, port, rc, root, share, user, ver;\n\n paths = make_list();\n\n registry_init();\n hklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n pdir = get_registry_value(handle:hklm, item:\"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList\\ProfilesDirectory\");\n if (pdir && stridx(tolower(pdir), \"%systemdrive%\") == 0)\n {\n root = get_registry_value(handle:hklm, item:\"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRoot\");\n if (!isnull(root))\n {\n share = ereg_replace(string:root, pattern:\"^([A-Za-z]):.*\", replace:\"\\1:\");\n pdir = share + substr(pdir, strlen(\"%systemdrive%\"));\n }\n }\n RegCloseKey(handle:hklm);\n close_registry(close:FALSE);\n\n if (!pdir)\n return NULL;\n\n ver = get_kb_item(\"SMB/WindowsVersion\");\n\n share = ereg_replace(string:pdir, pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\");\n dirpat = ereg_replace(string:pdir, pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\*\");\n\n port = kb_smb_transport();\n if (!get_port_state(port)) audit(AUDIT_PORT_CLOSED, port);\n login = kb_smb_login();\n pass = kb_smb_password();\n domain = kb_smb_domain();\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel(close:FALSE);\n return NULL;\n }\n\n # 2000 / XP / 2003\n if (ver < 6)\n appdir += \"\\Local Settings\\Application Data\";\n # Vista / 7 / 2008\n else\n appdir += \"\\AppData\\Local\";\n\n paths = make_array();\n iter = FindFirstFile(pattern:dirpat);\n while (!isnull(iter[1]))\n {\n user = iter[1];\n iter = FindNextFile(handle:iter);\n\n if (user == \".\" || user == \"..\")\n continue;\n\n path = pdir + \"\\\" + user + appdir;\n\n lcpath = tolower(path);\n if (isnull(paths[lcpath]))\n paths[lcpath] = path;\n }\n\n NetUseDel(close:FALSE);\n\n return paths;\n}\n\nfunction check_vuln(file, fix, kb, key, min, paths)\n{\n local_var base, hklm, path, result, rc, share;\n\n if (!isnull(key))\n {\n registry_init();\n hklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n base = get_registry_value(handle:hklm, item:key);\n RegCloseKey(handle:hklm);\n close_registry(close:FALSE);\n\n if (isnull(base))\n return FALSE;\n }\n\n if (isnull(paths))\n paths = make_list(\"\");\n\n result = FALSE;\n foreach path (paths)\n {\n path = base + path;\n\n share = ereg_replace(string:path, pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\");\n if (!is_accessible_share(share:share))\n continue;\n\n rc = hotfix_check_fversion(file:file, version:fix, min_version:min, path:path, bulletin:bulletin, kb:kb);\n\n if (rc == HCF_OLDER)\n result = TRUE;\n }\n\n return result;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS12-039\";\nkbs = make_list(\"2693282\", \"2693283\", \"2696031\", \"2702444\", \"2708980\");\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\n# Add an extra node to the registry key if needed.\narch = get_kb_item_or_exit(\"SMB/ARCH\", exit_code:1);\nif (arch == \"x64\")\n extra = \"\\Wow6432Node\";\n\n######################################################################\n# Microsoft Communicator 2007 R2\n######################################################################\nvuln = check_vuln(\n key : \"SOFTWARE\\Microsoft\\Communicator\\InstallationDirectory\",\n file : \"Communicator.exe\",\n min : \"3.5.0.0\",\n fix : \"3.5.6907.253\",\n kb : \"2708980\"\n);\n\n######################################################################\n# Microsoft Lync 2010\n######################################################################\nif (!vuln)\n{\n vuln = check_vuln(\n key : \"SOFTWARE\" + extra + \"\\Microsoft\\Communicator\\InstallationDirectory\",\n file : \"Communicator.exe\",\n min : \"4.0.0.0\",\n fix : \"4.0.7577.4098\",\n kb : \"2693282\"\n );\n}\n\n######################################################################\n# Microsoft Lync 2010 Attendant\n######################################################################\nvuln = check_vuln(\n key : \"SOFTWARE\" + extra + \"\\Microsoft\\Attendant\\InstallationDirectory\",\n file : \"AttendantConsole.exe\",\n min : \"4.0.0.0\",\n fix : \"4.0.7577.4098\",\n kb : \"2702444\"\n) || vuln;\n\n######################################################################\n# Microsoft Lync 2010 Attendee (admin-level install)\n######################################################################\nvuln = check_vuln(\n key : \"SOFTWARE\\Microsoft\\AttendeeCommunicator\\InstallationDirectory\",\n file : \"CURes.dll\",\n min : \"4.0.0.0\",\n fix : \"4.0.7577.4098\",\n kb : \"2696031\"\n) || vuln;\n\n######################################################################\n# Microsoft Lync 2010 Attendee (user-level install)\n######################################################################\npaths = get_user_dirs();\n\nif (!isnull(paths))\n{\n vuln = check_vuln(\n paths : paths,\n file : \"\\Microsoft Lync Attendee\\System.dll\",\n min : \"4.0.0.0\",\n fix : \"4.0.60831.0\",\n kb : \"2693283\"\n ) || vuln;\n}\n\n# Disconnect from registry.\nclose_registry();\n\nif (vuln)\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n set_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\n hotfix_security_hole();\n\n hotfix_check_fversion_end();\n exit(0);\n}\n\nhotfix_check_fversion_end();\nexit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:57", "description": "The versions of InfoPath, Office SharePoint Server, SharePoint Server, Groove Server, Windows SharePoint Services, SharePoint Foundation, or Office Web Apps installed on the remote host are affected by multiple privilege escalation and information disclosure vulnerabilities :\n\n - An information disclosure vulnerability exists in the way that HTML strings are sanitized. An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks and run script in the security context of the logged-on user. (CVE-2012-1858)\n\n - A cross-site scripting and a privilege escalation vulnerability allow attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user on the site. (CVE-2012-1859)\n\n - An information disclosure vulnerability exists in the way that SharePoint stores search scopes. An attacker could view or tamper with other users' search scopes.\n (CVE-2012-1860)\n\n - A cross-site scripting vulnerability exists that allows attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user. (CVE-2012-1861)\n\n - A URL redirection vulnerability exists in SharePoint.\n The vulnerability could lead to spoofing and information disclosure and could allow an attacker to redirect a user to an external URL. (CVE-2012-1862)\n\n - A cross-site scripting vulnerability exists that allows attacker-controlled JavaScript to run in the context of the user clicking a link. An anonymous attacker could also potentially issue SharePoint commands in the context of an authenticated user. (CVE-2012-1863).", "cvss3": {}, "published": "2012-07-11T00:00:00", "type": "nessus", "title": "MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1858", "CVE-2012-1859", "CVE-2012-1860", "CVE-2012-1861", "CVE-2012-1862", "CVE-2012-1863"], "modified": "2019-12-04T00:00:00", "cpe": ["cpe:/a:microsoft:groove", "cpe:/a:microsoft:infopath", "cpe:/a:microsoft:office_web_apps", "cpe:/a:microsoft:sharepoint_server", "cpe:/a:microsoft:sharepoint_services", "cpe:/a:microsoft:sharepoint_foundation"], "id": "SMB_NT_MS12-050.NASL", "href": "https://www.tenable.com/plugins/nessus/59913", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59913);\n script_version(\"1.26\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-1858\",\n \"CVE-2012-1859\",\n \"CVE-2012-1860\",\n \"CVE-2012-1861\",\n \"CVE-2012-1862\",\n \"CVE-2012-1863\"\n );\n script_bugtraq_id(\n 53842,\n 54312,\n 54313,\n 54314,\n 54315,\n 54316\n );\n script_xref(name:\"EDB-ID\", value:\"19777\");\n script_xref(name:\"MSFT\", value:\"MS12-050\");\n script_xref(name:\"MSKB\", value:\"2553194\");\n script_xref(name:\"MSKB\", value:\"2553322\");\n script_xref(name:\"MSKB\", value:\"2553365\");\n script_xref(name:\"MSKB\", value:\"2553424\");\n script_xref(name:\"MSKB\", value:\"2553431\");\n script_xref(name:\"MSKB\", value:\"2589325\");\n script_xref(name:\"MSKB\", value:\"2596663\");\n script_xref(name:\"MSKB\", value:\"2596666\");\n script_xref(name:\"MSKB\", value:\"2596786\");\n script_xref(name:\"MSKB\", value:\"2596911\");\n script_xref(name:\"MSKB\", value:\"2596942\");\n script_xref(name:\"MSKB\", value:\"2598239\");\n script_xref(name:\"MSKB\", value:\"2760604\");\n\n script_name(english:\"MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)\");\n script_summary(english:\"Checks InfoPath / SharePoint / Groove / Office Web Apps version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple privilege escalation and\ninformation disclosure vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The versions of InfoPath, Office SharePoint Server, SharePoint Server,\nGroove Server, Windows SharePoint Services, SharePoint Foundation, or\nOffice Web Apps installed on the remote host are affected by multiple\nprivilege escalation and information disclosure vulnerabilities :\n\n - An information disclosure vulnerability exists in the\n way that HTML strings are sanitized. An attacker who\n successfully exploited this vulnerability could perform\n cross-site scripting attacks and run script in the\n security context of the logged-on user. (CVE-2012-1858)\n\n - A cross-site scripting and a privilege escalation\n vulnerability allow attacker-controlled JavaScript to\n run in the context of the user clicking a link. An\n anonymous attacker could also potentially issue\n SharePoint commands in the context of an authenticated\n user on the site. (CVE-2012-1859)\n\n - An information disclosure vulnerability exists in the\n way that SharePoint stores search scopes. An attacker\n could view or tamper with other users' search scopes.\n (CVE-2012-1860)\n\n - A cross-site scripting vulnerability exists that allows\n attacker-controlled JavaScript to run in the context of\n the user clicking a link. An anonymous attacker could\n also potentially issue SharePoint commands in the\n context of an authenticated user. (CVE-2012-1861)\n\n - A URL redirection vulnerability exists in SharePoint.\n The vulnerability could lead to spoofing and information\n disclosure and could allow an attacker to redirect a\n user to an external URL. (CVE-2012-1862)\n\n - A cross-site scripting vulnerability exists that allows\n attacker-controlled JavaScript to run in the context of\n the user clicking a link. An anonymous attacker could\n also potentially issue SharePoint commands in the\n context of an authenticated user. (CVE-2012-1863).\");\n # http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7d49512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-050\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for InfoPath 2007, InfoPath\n2010, Office SharePoint Server 2007, SharePoint Server 2010, Groove\nServer 2010, Windows SharePoint Services 2.0 and 3.0, SharePoint\nFoundation 2010, and Office Web Apps 2010.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1862\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:groove\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:infopath\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_web_apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_services\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_foundation\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"office_installed.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin, vuln;\n\nfunction get_ver()\n{\n local_var fh, path, rc, share, ver;\n\n path = _FCT_ANON_ARGS[0];\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\n\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n ver = NULL;\n path = ereg_replace(string:path, pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\\");\n\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (!isnull(fh))\n {\n ver = GetFileVersion(handle:fh);\n ver = join(ver, sep:\".\");\n CloseFile(handle:fh);\n }\n\n NetUseDel(close:FALSE);\n\n return ver;\n}\n\nfunction check_vuln(fix, kb, name, path, ver)\n{\n local_var info;\n\n if (isnull(ver))\n ver = get_ver(path);\n\n if (isnull(ver) || ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)\n return 0;\n\n info =\n '\\n Product : ' + name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n\n vuln = TRUE;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS12-050\";\nkbs = make_list(\n 2596666, 2596786, 2553431, 2553322,\n 2596663, 2596942, 2553424, 2553194,\n 2589325, 2596911, 2553365, 2598239, 2760604\n);\nif (get_kb_item(\"Host/patch_management_checks\"))\n hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\n\n# Connect to the registry.\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\n# Get path information for SharePoint Server 2007.\nsps_2007_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\12.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Server 2010.\nsps_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\InstallPath\"\n);\n\n# Get path information for SharePoint Services 2.0\nsps_20_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\6.0\\Location\"\n);\n\n# Get path information for SharePoint Services 3.0 or SharePoint Foundation 2010.\nforeach ver (make_list(\"12.0\", \"14.0\"))\n{\n spf_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Shared Tools\\Web Server Extensions\\\" + ver + \"\\Location\"\n );\n\n if (spf_2010_path)\n break;\n}\n\n# Get path information for Groove Server 2010.\ngs_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\Groove\\Groove Relay\\Parameters\\InstallDir\"\n);\n\n# Close connection to registry.\nRegCloseKey(handle:hklm);\nclose_registry(close:FALSE);\n\n# Get path and version information for InfoPath.\nip_installs = get_kb_list(\"SMB/Office/InfoPath/*/ProductPath\");\n\n# Get path information for Windows.\nwindir = hotfix_get_systemroot();\nif (isnull(windir))\n exit(1, \"Failed to determine the location of %windir%.\");\n\n# Get path information for Common Files.\ncommonprogramfiles = hotfix_get_commonfilesdir();\nif (isnull(commonprogramfiles))\n exit(1, \"Failed to determine the location of %commonprogramfiles%.\");\n\n# Get path information for Office Web Apps.\nowa_2010_path = sps_2010_path;\n\nif (!isnull(ip_installs))\n{\n foreach install (keys(ip_installs))\n {\n ip_ver = install - 'SMB/Office/InfoPath/' - '/ProductPath';\n ip_path = ip_installs[install];\n if (ip_path) ip_path = ereg_replace(string:ip_path, pattern:\"(.*)(\\\\[^\\\\]+)$\", replace:\"\\1\");\n\n ######################################################################\n # InfoPath 2007 SP2 / SP3\n #\n # [KB2596666] Infopath.Exe: 12.0.6661.5000\n # [KB2596786] Ipeditor.dll: 12.0.6661.5000\n ######################################################################\n office_sp2007 = get_kb_item(\"SMB/Office/2007/SP\");\n office_sp2010 = get_kb_item(\"SMB/Office/2010/SP\");\n if (ip_ver =~ '^12\\\\.' && (!isnull(office_sp2007) && (office_sp2007 == 2 || office_sp2007 == 3)))\n {\n name = \"InfoPath 2007\";\n\n check_vuln(\n name : name,\n kb : \"2596666\",\n path : ip_path + \"\\Infopath.Exe\",\n fix : \"12.0.6661.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2596786\",\n path : ip_path + \"\\Ipeditor.dll\",\n fix : \"12.0.6661.5000\"\n );\n }\n ######################################################################\n # InfoPath 2010 SP0 / SP1\n #\n # [KB2553431] Infopath.Exe: 14.0.6120.5000\n # [KB2553322] Ipeditor.dll: 14.0.6120.5000\n ######################################################################\n else if (ip_ver =~ '^14\\\\.' && (!isnull(office_sp2010) && (office_sp2010 == 0 || office_sp2010 == 1)))\n {\n name = \"InfoPath 2010\";\n\n check_vuln(\n name : name,\n kb : \"2553431\",\n path : ip_path + \"\\Infopath.Exe\",\n fix : \"14.0.6120.5000\"\n );\n\n check_vuln(\n name : name,\n kb : \"2553322\",\n path : ip_path + \"\\Ipeditor.dll\",\n fix : \"14.0.6120.5000\"\n );\n }\n }\n}\n\n######################################################################\n# Office SharePoint Server 2007 SP2 / SP3\n#\n# [KB2596663] Microsoft.SharePoint.Publishing.dll: 12.0.6660.5000\n# [KB2596942] Microsoft.office.excel.webui.dll: 12.0.6661.5000\n######################################################################\nif (sps_2007_path)\n{\n name = \"Office SharePoint Server 2007\";\n\n check_vuln(\n name : name,\n kb : \"2596663\",\n path : sps_2007_path + \"Bin\\Microsoft.SharePoint.Publishing.dll\",\n fix : \"12.0.6660.5000\"\n );\n\n share = ereg_replace(string:windir, pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\");\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n dir = ereg_replace(string:windir, pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\");\n subdir = \"\\assembly\\GAC_MSIL\\Microsoft.Office.Excel.WebUI\\\";\n file = \"\\Microsoft.Office.Excel.WebUI.dll\";\n\n # Check for the DLL in each subdirectory.\n for (\n dh = FindFirstFile(pattern:dir + subdir + \"*\");\n !isnull(dh);\n dh = FindNextFile(handle:dh)\n )\n {\n # Skip non-directories.\n if (dh[2] & FILE_ATTRIBUTE_DIRECTORY == 0)\n continue;\n\n # Skip current and parent directories.\n if (dh[1] == \".\" || dh[1] == \"..\")\n continue;\n\n # Skip anything that doesn't look like the 2007 branch.\n if (dh[1] !~ \"^12\\.\")\n continue;\n\n # Get the version number from the file, if it exists.\n path = dir + subdir + dh[1] + file;\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (isnull(fh))\n continue;\n\n ver = GetFileVersion(handle:fh);\n CloseFile(handle:fh);\n\n check_vuln(\n name : name,\n kb : \"2596942\",\n path : windir + subdir + dh[1] + file,\n ver : join(ver, sep:\".\"),\n fix : \"12.0.6661.5000\"\n );\n }\n\n # Clean up.\n NetUseDel(close:FALSE);\n}\n\n######################################################################\n# SharePoint Server 2010 SP0 / SP1\n#\n# [KB2553424] Microsoft.resourcemanagement.dll: 4.0.2450.47\n# [KB2553194] Ssetupui.dll: 14.0.6120.5000\n######################################################################\nif (sps_2010_path)\n{\n name = \"Office SharePoint Server 2010\";\n\n check_vuln(\n name : name,\n kb : \"2553424\",\n path : sps_2010_path + \"Service\\Microsoft.resourcemanagement.dll\",\n fix : \"4.0.2450.47\"\n );\n\n check_vuln(\n name : name,\n kb : \"2553194\",\n path : commonprogramfiles + \"\\Microsoft Shared\\SERVER14\\Server Setup Controller\\WSS.en-us\\Ssetupui.dll\",\n fix : \"14.0.6120.5000\"\n );\n}\n\n######################################################################\n# Groove Server 2010 SP0 / SP1\n#\n# [KB2589325] Relay.exe: 14.0.6120.5000\n######################################################################\nif (gs_2010_path)\n{\n check_vuln(\n name : \"Groove Server 2010\",\n kb : \"2589325\",\n path : gs_2010_path + \"\\Relay.exe\",\n fix : \"14.0.6120.5000\"\n );\n}\n\n######################################################################\n# SharePoint Services 2.0\n#\n# [KB2760604] Onetutil.dll: 11.0.8346.0\n######################################################################\nif (sps_20_path)\n{\n path = sps_20_path + \"Bin\\Onetutil.dll\";\n ver = get_ver(path);\n\n check_vuln(\n name : \"SharePoint Services 2.0\",\n kb : \"2760604\",\n path : path,\n fix : \"11.0.8346.0\"\n );\n}\n\n######################################################################\n# SharePoint Services 3.0 SP2\n#\n# [KB2596911] Mssrch.dll: 12.0.6660.5000\n#\n#\n# SharePoint Foundation 2010 SP0 / SP1\n#\n# [KB2553365] Mssrch.dll: 14.0.6119.5000\n######################################################################\nif (spf_2010_path)\n{\n path = spf_2010_path + \"Bin\\Mssrch.dll\";\n ver = get_ver(path);\n\n if (ver && ver =~ \"^12\\.\")\n {\n check_vuln(\n name : \"SharePoint Services 3.0\",\n kb : \"2596911\",\n path : path,\n ver : ver,\n fix : \"12.0.6660.5000\"\n );\n }\n else if (ver && ver =~ \"^14\\.\")\n {\n check_vuln(\n name : \"SharePoint Foundation 2010\",\n kb : \"2553365\",\n path : path,\n ver : ver,\n fix : \"14.0.6119.5000\"\n );\n }\n}\n\n######################################################################\n# Office Web Apps 2010 SP0 / SP1\n#\n# [KB2598239] msoserver.dll: 14.0.6120.5000\n######################################################################\nif (owa_2010_path)\n{\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2598239\",\n path : owa_2010_path + \"WebServices\\ConversionService\\Bin\\Converter\\msoserver.dll\",\n fix : \"14.0.6120.5000\"\n );\n}\n\nhotfix_check_fversion_end();\n\nif (!vuln)\n audit(AUDIT_HOST_NOT, 'affected');\n# Flag the system as vulnerable.\nset_kb_item(name:\"SMB/Missing/\" + bulletin, value:TRUE);\nset_kb_item(name:\"www/0/XSS\", value:TRUE);\nhotfix_security_warning();\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:40", "description": "The remote host is missing Internet Explorer (IE) Security Update 2699988.\n\nThe installed version of IE is affected by several vulnerabilities that could allow an attacker to execute arbitrary code on the remote host.", "cvss3": {}, "published": "2012-06-13T00:00:00", "type": "nessus", "title": "MS12-037: Cumulative Security Update for Internet Explorer (2699988)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1523", "CVE-2012-1858", "CVE-2012-1872", "CVE-2012-1873", "CVE-2012-1874", "CVE-2012-1875", "CVE-2012-1876", "CVE-2012-1877", "CVE-2012-1878", "CVE-2012-1879", "CVE-2012-1880", "CVE-2012-1881", "CVE-2012-1882"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:ie", "cpe:/o:microsoft:windows"], "id": "SMB_NT_MS12-037.NASL", "href": "https://www.tenable.com/plugins/nessus/59455", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59455);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\n \"CVE-2012-1523\",\n \"CVE-2012-1858\",\n \"CVE-2012-1872\",\n \"CVE-2012-1873\",\n \"CVE-2012-1874\",\n \"CVE-2012-1875\",\n \"CVE-2012-1876\",\n \"CVE-2012-1877\",\n \"CVE-2012-1878\",\n \"CVE-2012-1879\",\n \"CVE-2012-1880\",\n \"CVE-2012-1881\",\n \"CVE-2012-1882\"\n );\n script_bugtraq_id(\n 53841,\n 53842,\n 53843,\n 53844,\n 53845,\n 53847,\n 53848,\n 53866,\n 53867,\n 53868,\n 53869,\n 53870,\n 53871\n );\n script_xref(name:\"EDB-ID\", value:\"19777\");\n script_xref(name:\"EDB-ID\", value:\"20174\");\n script_xref(name:\"EDB-ID\", value:\"24017\");\n script_xref(name:\"EDB-ID\", value:\"33944\");\n script_xref(name:\"EDB-ID\", value:\"35815\");\n script_xref(name:\"MSFT\", value:\"MS12-037\");\n script_xref(name:\"MSKB\", value:\"2699988\");\n\n script_name(english:\"MS12-037: Cumulative Security Update for Internet Explorer (2699988)\");\n script_summary(english:\"Checks version of Mshtml.dll\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by code execution vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing Internet Explorer (IE) Security Update\n2699988.\n\nThe installed version of IE is affected by several vulnerabilities\nthat could allow an attacker to execute arbitrary code on the remote\nhost.\");\n # http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7d49512\");\n # http://www.vupen.com/blog/20120710.Advanced_Exploitation_of_Internet_Explorer_HeapOv_CVE-2012-1876.php\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?18c6adba\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-093/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-190/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-192/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-193/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-194/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/523185/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/523186/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/523196/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-037\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,\nand 2008 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS12-037';\nkb = '2699988';\n\nkbs = make_list(kb);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\nif (hotfix_check_server_core() == 1) audit(AUDIT_WIN_SERVER_CORE);\n\nrootfile = hotfix_get_systemroot();\nif (!rootfile) exit(1, \"Failed to get the system root.\");\n\nshare = hotfix_path2share(path:rootfile);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n # Windows 7 / 2008 R2\n #\n # - Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.1\", file:\"Mshtml.dll\", version:\"9.0.8112.20551\", min_version:\"9.0.8112.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", file:\"Mshtml.dll\", version:\"9.0.8112.16446\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Mshtml.dll\", version:\"8.0.7601.21976\", min_version:\"8.0.7601.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Mshtml.dll\", version:\"8.0.7601.17824\", min_version:\"8.0.7601.17000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Mshtml.dll\", version:\"8.0.7600.21198\", min_version:\"8.0.7600.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Mshtml.dll\", version:\"8.0.7600.17006\", min_version:\"8.0.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / 2008\n #\n # - Internet Explorer 9\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"9.0.8112.20551\", min_version:\"9.0.8112.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"9.0.8112.16446\", min_version:\"9.0.8112.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.23359\", min_version:\"8.0.6001.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.19272\", min_version:\"8.0.6001.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 7\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6002.22838\", min_version:\"7.0.6002.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6002.18616\", min_version:\"7.0.6002.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 2003 / XP 64-bit\n #\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.23345\", min_version:\"8.0.6001.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"8.0.6001.19258\", min_version:\"8.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 7\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6000.21312\", min_version:\"7.0.6000.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"7.0.6000.17110\", min_version:\"7.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 6\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Mshtml.dll\", version:\"6.0.3790.4986\", min_version:\"6.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows XP x86\n #\n # - Internet Explorer 8\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"8.0.6001.23345\", min_version:\"8.0.6001.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"8.0.6001.19258\", min_version:\"8.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 7\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"7.0.6000.21312\", min_version:\"7.0.6000.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"7.0.6000.17110\", min_version:\"7.0.0.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n # - Internet Explorer 6\n hotfix_is_vulnerable(os:\"5.1\", sp:3, file:\"Mshtml.dll\", version:\"6.0.2900.6212\", min_version:\"6.0.2900.0\", dir:\"\\system32\", bulletin:bulletin, kb:kb)\n)\n{\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "mskb": [{"lastseen": "2021-01-01T22:39:07", "description": "<html><body><p>Describes vulnerabilities in SharePoint could allow elevation of privilege, and was released on July 10, 2012.</p><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS12-050. To view the complete security bulletin, go to one of the following Microsoft websites:\u00a0<ul class=\"sbody-free_list\"><li>Home users:<div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/bulletins/201207.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/bulletins/201207.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms12-050\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS12-050</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3> Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a><br/><br/></div><h2></h2><div class=\"kb-moreinformation-section section\"><h4 class=\"sbody-h4\">Known issues and additional information about this security update</h4> <br/> <br/><br/> The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.<ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2553194\" id=\"kb-link-8\">2553194 </a> MS12-050: Description of the security update for SharePoint Server 2010 (coreserverloc): July 10, 2012<br/><br/>Known issues in security update 2553194: <br/><ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-9\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2553322\" id=\"kb-link-10\">2553322 </a> MS12-050: Description of the security update for InfoPath 2010: July 10, 2012 </li><li><a href=\"https://support.microsoft.com/en-us/help/2553365\" id=\"kb-link-11\">2553365 </a> MS12-050: Description of the security update for SharePoint Foundation 2010: July 10, 2012<br/><br/>Known issues in security update 2553365: <ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:\u00a0<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-12\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2553424\" id=\"kb-link-13\">2553424 </a> MS12-050: Description of the security update for SharePoint Server 2010 (wosrv): July 10, 2012<br/><br/>Known issues in security update 2553424: <ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:\u00a0<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-14\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2553431\" id=\"kb-link-15\">2553431 </a> MS12-050: Description of the security update for InfoPath 2010: July 10, 2012<br/><br/>Known issues in security update 2553431: <ul class=\"sbody-free_list\"><li>Windows Update will offer this security update to all systems that are running InfoPath 2010. However, the security update is required only for systems that are running Visual Studio Tool for Applications (VSTA). This security update can be installed on any system that is running InfoPath 2010. However, binaries are updated only on systems that are running VSTA.<br/><br/><span class=\"text-base\">Note </span>If you install this security update on a system that is running InfoPath 2010 without VSTA and then you install VSTA, you do not have to reinstall this security update.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2589325\" id=\"kb-link-16\">2589325 </a> MS12-050: Description of the security update for Groove Server 2010: July 10, 2012<br/><br/>Known issues in security update 2589325: <ul class=\"sbody-free_list\"><li>If you install any previously released Groove server update before you install this security update, then you may see multiple entries for this security update may appear in <strong class=\"uiterm\">Add or Remove Programs</strong>.</li><li>The Groove security update does not appear in <span class=\"sbody-userinput\">Add or Remove Programs</span>. To determine whether the update is installed, the system administrator can open the SharePoint Configuration Manager console.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2596663\" id=\"kb-link-17\">2596663 </a> MS12-050: Description of the security update for SharePoint Server 2007 Service Pack 2 (coreserver): July 10, 2012</li><li><a href=\"https://support.microsoft.com/en-us/help/2596666\" id=\"kb-link-18\">2596666 </a> MS12-050: Description of the security update for InfoPath 2007: July 10, 2012<br/><br/>Known issues in security update 2596666: <ul class=\"sbody-free_list\"><li>Windows Update will offer this security update to all systems that are running InfoPath 2010. However, the security update is required only for systems that are running Visual Studio Tool for Applications (VSTA). This security update can be installed on any system that is running InfoPath 2010. However, binaries are updated only on systems that are running VSTA.<br/><br/><span class=\"text-base\">Note </span>If you install this security update on a system that is running InfoPath 2010 without VSTA and then you install VSTA, you do not have to reinstall this security update.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2596786\" id=\"kb-link-19\">2596786 </a> MS12-050: Description of the security update for InfoPath 2007 (IPEditor): July 10, 2012<br/><br/>Known issues in security update 2596786: <ul class=\"sbody-free_list\"><li>Windows Update will offer this security update to all systems that are running InfoPath 2010. However, the security update is required only for systems that are running Visual Studio Tool for Applications (VSTA). This security update can be installed on any system that is running InfoPath 2010. However, binaries are updated only on systems that are running VSTA.<br/><br/><span class=\"text-base\">Note </span>If you install this security update on a system that is running InfoPath 2010 without VSTA and then you install VSTA, you do not have to reinstall this security update.</li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2596911\" id=\"kb-link-20\">2596911 </a> MS12-050: Description of the security update for Windows SharePoint Services 3.0: July 10, 2012</li><li><a href=\"https://support.microsoft.com/en-us/help/2596942\" id=\"kb-link-21\">2596942 </a> MS12-050: Description of the security update for Office SharePoint Server 2007 Service Pack 2 (xlsrvwfe): July 10, 2012</li><li><a href=\"https://support.microsoft.com/en-us/help/2598239\" id=\"kb-link-22\">2598239 </a> MS12-050: Description of the security update for SharePoint Server 2010: July 10, 2012<br/><br/>Known issues in security update 2598239: <ul class=\"sbody-free_list\"><li>After you install this security update on all SharePoint servers, you have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, go to the following TechNet webpage:\u00a0<div class=\"indent\"><a href=\"http://technet.microsoft.com/en-us/library/cc263093.aspx\" id=\"kb-link-23\" target=\"_self\">PSconfig command-line reference (SharePoint Server 2010)</a></div></li></ul></li><li><a href=\"https://support.microsoft.com/en-us/help/2760604\" id=\"kb-link-24\">2760604 </a> MS12-050: Description of the security update for Microsoft Windows SharePoint Services 2.0 SP3: December 11, 2012</li></ul><span></span><br/><h4 class=\"sbody-h4\">File hash information</h4><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ara.exe</td><td class=\"sbody-td\">944FFC7C1BCC35C796EE1CAEC3D977EA23BE3591</td><td class=\"sbody-td\">5736A05A0858EB07A8239C60593A4D6BD230BA54A3E16274A0773D93EE930570</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-bgr.exe</td><td class=\"sbody-td\">1EF35C81A8B2DF79AD99682D0984731216264B4B</td><td class=\"sbody-td\">45539094870B351DE90768D3E3156E0A825C7F371B415E75E64D405314030139</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-chs.exe</td><td class=\"sbody-td\">F11BB8837A560E4A0BC424D95BEC68E9D74AE377</td><td class=\"sbody-td\">F869A0A164A91A014D2AB1A7492F25363FD6CBFB83F8E4D44E3FFAC96C496D31</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-cht.exe</td><td class=\"sbody-td\">970CF05CCF910C9FF0431DCFC85F085F977AF542</td><td class=\"sbody-td\">22F3DC70AB127BB881DC166CDD771291EE833C7DA207482FEF84D11E0F3A8156</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-csy.exe</td><td class=\"sbody-td\">F49D9534D20C6E8F23C53FB8D226446C8D9EC441</td><td class=\"sbody-td\">18CB0ABCB54DC278D8C314B778999A5AED34948922C3DC9B0E512E0D0F9EEE77</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-dan.exe</td><td class=\"sbody-td\">19FA51E5995EA5EA3EAE16C540BF82550CE107E3</td><td class=\"sbody-td\">0D61FF387EE6507D2840F149A5063DD2C597E21DFF70F8F7AA960B65D36CBB5D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-deu.exe</td><td class=\"sbody-td\">4D81FFAC740D198A7B66DA296EF9427F9B11CFA2</td><td class=\"sbody-td\">C17A570B8E850D10000BBC4BBA14D6B78C03F267AA6FB169D0E4DF3B5656161F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ell.exe</td><td class=\"sbody-td\">03973E73A4AB0E7F0B72D478B61538764AE5E547</td><td class=\"sbody-td\">485CD52BB0B9930C63530F38B7917E6774F548D26766CA40ECAF61377B5945A9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-enu.exe</td><td class=\"sbody-td\">8CDCE452A26ECC14A0BBBFA80B43CE48F224A6CA</td><td class=\"sbody-td\">2C21C95770D60BA08EBDA7965BC38625E20684BAB4E43E37C70673E133BF9F4F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-esn.exe</td><td class=\"sbody-td\">FA1B8FE9E815E75E3BD2F24C0C9E559A9E20B4C0</td><td class=\"sbody-td\">0C71F483FE72EAD5BE870EA1A8E9DC60C369FC5FC33733D0D02C629C3E7FF731</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-eti.exe</td><td class=\"sbody-td\">044DA3C7C9A238869D124D697DBEC06B4EA257C3</td><td class=\"sbody-td\">D6755EB7FD5E195A9CD2ADA1E5CA937A2B365AC6DB91AA4342AF4D2818E35D69</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-fin.exe</td><td class=\"sbody-td\">1867C849389450286FEE99C95CD881DA9CFFB708</td><td class=\"sbody-td\">8866AD99D8D83DE3271366399BD1B7998257E15E39A82ED0CB2C9E1DCC6AA943</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-fra.exe</td><td class=\"sbody-td\">777EA2C387B381768D1111E607779E70E41FDF1F</td><td class=\"sbody-td\">744ACE78426672E9EC75817E5D4D3B412DD272B7384C80190BE0B6FA2DB73BE7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-heb.exe</td><td class=\"sbody-td\">BDC9CAA8D266554B0ED9694562EB4E9B9C7368D1</td><td class=\"sbody-td\">7F7C8210CF6991AFFF14703E780E1191306B1856B00B95BC2F27B7EE59B5FB7E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-hin.exe</td><td class=\"sbody-td\">0B68573CDAAC765D4ABF325CD3996D1E2E667A17</td><td class=\"sbody-td\">F32BBA4CE8B5861F180261676CA6B44F1DAC36F9175D176EC69062A975C197AC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-hrv.exe</td><td class=\"sbody-td\">A0917833FD05D8C9175EBAA73BA83CD1C1A25F30</td><td class=\"sbody-td\">FCD5ADF13D09A8DCEC75210F4A452405C8266BB8476EBC4B54D5146BAA2FF8E7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-hun.exe</td><td class=\"sbody-td\">8329B99DEF9698D3E1D9260DD7F491B99C519584</td><td class=\"sbody-td\">AAB418A8CB3658D061B7356AA3AC1FB0F2A9D68632EEE2664900A1535C46D2A4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ita.exe</td><td class=\"sbody-td\">DC7A8679DFB3D21E796A6E61C201437EA1AA5C2F</td><td class=\"sbody-td\">F1D53091A9F95E970642C3A4F612237DAF5BA24414A3F1E9B7A8D8F21F5248F5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-jpn.exe</td><td class=\"sbody-td\">563502557130AFE06614CDB1CE2FFBA352B74739</td><td class=\"sbody-td\">58F48E2973284C3DAC005B7DB1B3DD9C64FB6F898A027F167E335C3B566FE69C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-kor.exe</td><td class=\"sbody-td\">A7BD3032953031CDC511666250AECE3F87C64F0B</td><td class=\"sbody-td\">88B675F6DC0F393725B135C1FD7DBBE3F46289221803FF547669A1388EAA996C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-lth.exe</td><td class=\"sbody-td\">963D99379FF4515725F8DD1594872EB0973E42A4</td><td class=\"sbody-td\">DE8E907C37917D93DA25FEBDB2C7E5A033E486D1D1B2A7D97001486FD0467DAB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-lvi.exe</td><td class=\"sbody-td\">40B44B094CD1ABDF693AC0C44429888EB07B99F6</td><td class=\"sbody-td\">13841434EA8994760EEF0C7626FAA473F582763B9B9214C94F53B0BEFEFA28BF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-nld.exe</td><td class=\"sbody-td\">F4F356BC58494D3EB2146955A512163473F5C18C</td><td class=\"sbody-td\">5BBD181CD9F4B518751A47A5F59D821D3F486763CE2050F34173C4F377C1765A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-nor.exe</td><td class=\"sbody-td\">1BFDAC7CA337DD926FA851DFC44B6C8EB3787D44</td><td class=\"sbody-td\">1855342D407C705D8AA1EE14030C2BFF23E4A1022A87D0121EA937EFC0A5735A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-plk.exe</td><td class=\"sbody-td\">854ACEEC4ED26C8F2AF6115F8357D3E18D95BF46</td><td class=\"sbody-td\">266194456C096A44F03C180744B74A0A9827F34BA79DB5FC857D271B11FDC2D0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ptb.exe</td><td class=\"sbody-td\">80AFB3A70ADD47AF15C5C811298248DA06BFE60F</td><td class=\"sbody-td\">65CEF35AB79343C01CA79C550A4AB72F9F5A1EF786F539BFF6484450C0A05AFF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ptg.exe</td><td class=\"sbody-td\">064033EDCD99453BDA48A6EF012F76E0FFC1422C</td><td class=\"sbody-td\">6C4BC8DA2B32B3F854D70DF23AEB9BF0A715B7DAC9F35C6399B2D0DEA7E9FB0A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-rom.exe</td><td class=\"sbody-td\">FF36147DCBB752ACE97C682B1D8B8935A848C5D0</td><td class=\"sbody-td\">4128BAD2C2DDD45017530CECC0C2A7ADC0B88D3BCF5072170FF7D97A1E9BF26D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-rus.exe</td><td class=\"sbody-td\">35B3BDC570F6D82475A62C38171260B24BE2266B</td><td class=\"sbody-td\">4391A7761F2DB2FB3058FCA6E306519DA44EAEBDE2A990B520FA1EE3F60E360E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-sky.exe</td><td class=\"sbody-td\">1D5A41747ABC246F69A1C61E36B524604E5A0FEC</td><td class=\"sbody-td\">B598C60AD4FE2C82A7B43D390B32D6917A2637378B679A11C8D52E433840507F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-slv.exe</td><td class=\"sbody-td\">CE0131A5858230363BFDD3BF6EA399ABDE1378BC</td><td class=\"sbody-td\">3605324E72645A7E126E037DCBC79827DE28DDD364C95DB79FB416402462EAEF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-srl.exe</td><td class=\"sbody-td\">AD4A19231C72A880D361BFF018773F3486BED26C</td><td class=\"sbody-td\">A1B5F71EDEB27A906C98438E3429882C82EC60CF58815EE10AE6BADAD97B949E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-sve.exe</td><td class=\"sbody-td\">94575D9AEC7CC927278BA869A31EEB42A760D324</td><td class=\"sbody-td\">CEC7BFD45C09D1E52F1DD4137B558D9D7B9613353B26C2C54A652E80C5FCFD68</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-tha.exe</td><td class=\"sbody-td\">6999EECC0D501ABFF9B490203C5E2016E1617B99</td><td class=\"sbody-td\">B6D0DF67C45B6F5C1368C3B23AB624DB6127B03D5C980FC29D842488FAC27205</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-trk.exe</td><td class=\"sbody-td\">B62A256B76FBEE70FB51EF41700D164B9DF1B548</td><td class=\"sbody-td\">309659C1C8060265A6DB0C6C31F89720A61F8DD065FA3DCD8A9AC5CA389FCB4F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-ukr.exe</td><td class=\"sbody-td\">92C0AD7EE66A4E20AC22D23CCA4D405FB53ED927</td><td class=\"sbody-td\">8C1EC306BA0883730D2D5C554DD9116998C2F11B816D20A236A78E7EF671CEE4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2003-kb2760604-fullfile-zhh.exe</td><td class=\"sbody-td\">18B05B146DE37B421C37EDB2CC8801884044B8B5</td><td class=\"sbody-td\">3402D3016F8500DDC25E566D50CB91130885BE25A509643BA96F9B9D8DB3FA24</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">coreserver2007-kb2596663-fullfile-x64-glb.exe</td><td class=\"sbody-td\">B4B8C2D03393AFAE2D609B3E22E9C54459170AB7</td><td class=\"sbody-td\">287BA5C0B0672DB4FBF9A7C15A539F6699FA1BA91A4170B049308C52DBB0FA22</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">coreserver2007-kb2596663-fullfile-x86-glb.exe</td><td class=\"sbody-td\">459B707CC63E3F0B38D87BA0968D89C7D7766707</td><td class=\"sbody-td\">0B187B5ACC20FC8EBC4CCC1BF658D51E4A4DA4F564C2CA1B92B432A0C40C6D2C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">coreserverloc2010-kb2553194-fullfile-x64-glb.exe</td><td class=\"sbody-td\">92515E81643BBB6DDFFEB3D6295645322BE1C094</td><td class=\"sbody-td\">D29D2A72BAE50717011AC007AEACD1B69E802FD5E4D4AC3A0A7DB27488EDEB0F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">emsgrs2010-kb2589325-fullfile-x64-glb.exe</td><td class=\"sbody-td\">C40B9731DA0D72958E97C37C8562676E9035DF1E</td><td class=\"sbody-td\">98D9F03A1B94B0C6085E320A760F64391A1E6F34064666D140E55252F1B2908C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">infopath2007-kb2596666-fullfile-x86-glb.exe</td><td class=\"sbody-td\">6089333AEB61B4F0613898C33F8583A15957D782</td><td class=\"sbody-td\">C6440DAB225C67F0C290A1AD0B85C72BA3C6B2F813B0901B04FCABDF1FC9B086</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">infopath2010-kb2553431-fullfile-x64-glb.exe</td><td class=\"sbody-td\">CF9C2F85761B14386A848CD89E5C517F632ECF08</td><td class=\"sbody-td\">6A16C443958BEFAE24E861E053B04EB09CB78A777DAF9A7C603E70DAAD6E5D2D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">infopath2010-kb2553431-fullfile-x86-glb.exe</td><td class=\"sbody-td\">C1CF3BFC26754C57F8A5C111C014015BEC5D6D3B</td><td class=\"sbody-td\">8AACEAE7227509C592442829FA06D6924E48C8E15D5238C79104E9C716ADA5D9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ipeditor2007-kb2596786-fullfile-x86-glb.exe</td><td class=\"sbody-td\">C098589CFF0B676B80C4C5B2E145B9BD93E2C355</td><td class=\"sbody-td\">6611329D0E156EB2DC01584F9ED1EF72BD08D81FE083FFC57ACD541BB0D31700</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ipeditor2010-kb2553322-fullfile-x64-glb.exe</td><td class=\"sbody-td\">CE8A14DBFA1513CF843B37B30113A37DE5EB33FF</td><td class=\"sbody-td\">B721DCF88277D1271DE22C3A1E7869389C3EB976BDE8C7176CD74C0E322ACC35</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ipeditor2010-kb2553322-fullfile-x86-glb.exe</td><td class=\"sbody-td\">2C9EC3F1D70A4E04A15D81DC6AE75ABEC168E700</td><td class=\"sbody-td\">5F269A2559012056B6F16DB638365F7225C143B524AFC0DA77331671933952EF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts-x-none-x64.cab</td><td class=\"sbody-td\">C093C7C13D7CB01D5F7B2F244399DBC34BB10D20</td><td class=\"sbody-td\">05853D2678F4D335A0BCFC1AA74E79D980072A7F23CAABF64C2635675210F54C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts-x-none-x86.cab</td><td class=\"sbody-td\">13258CA09C2D2A019C5E1F7EEFD53378B53A93CA</td><td class=\"sbody-td\">CFE52C1389B605C1E3AAB0024D7C771828E799F5F8FD1C4C010F3A86992B4560</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2596911-fullfile-x64-glb.exe</td><td class=\"sbody-td\">302CB71DCB952EB7AE2BB7A0DFCB3826488DFFD9</td><td class=\"sbody-td\">E01E674F45D599895EA65579874D22F3A990E385EBAABA69FEE232095147DF4E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">sts2007-kb2596911-fullfile-x86-glb.exe</td><td class=\"sbody-td\">3B815B9647BB14E549B89BF61E26AF34BCE63006</td><td class=\"sbody-td\">DE51614C7107B26600E44AE5AE6AA12B6D4BC2E5C2BD84ADCFD39E409529371C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wac2010-kb2598239-fullfile-x64-glb.exe</td><td class=\"sbody-td\">5DA77BDDC33BA933C94C5922FD037796A74CDD50</td><td class=\"sbody-td\">60E369CA03A8237938070573F31DCB1AFCFAD738616C6F2E75B7D6CBFCEEC184</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wosrv2010-kb2553424-fullfile-x64-glb.exe</td><td class=\"sbody-td\">6DF33A7F0FCD21696C581DA461805BC245D5E5D4</td><td class=\"sbody-td\">057090BC16ED1EB4974ABA40E2FC79AB4AED3D431E2224002F6402847439A2E0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wss2010-kb2553365-fullfile-x64-glb.exe</td><td class=\"sbody-td\">1974AEBB7C576D58499CDEDB25C426FAAEDA0C57</td><td class=\"sbody-td\">CC9980F485D951CFAD7E2B9FB93F70C1703C8DEC1E4EB91AD5EB7DC8F95BCE39</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvwfe2007-kb2596942-fullfile-x64-glb.exe</td><td class=\"sbody-td\">3D987EDEAE127AA515409E02448A3CFDE785EF79</td><td class=\"sbody-td\">E895F8A3E13B19D0A48F64194B712F5CB00B4EF532038EBEF9EAB8BB3E80105D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">xlsrvwfe2007-kb2596942-fullfile-x86-glb.exe</td><td class=\"sbody-td\">F54164686BC47A54EB7CD22096DCE7932DD60F3A</td><td class=\"sbody-td\">C3F8E89D78BFC09257F5E97E9CEA68567225506366B4DFE8CC9586EF2226FBF9</td></tr></table></div></div></body></html>", "edition": 2, "cvss3": {}, "published": "2012-07-10T00:00:00", "type": "mskb", "title": "MS12-050: Vulnerabilities in SharePoint could allow elevation of privilege: July 10, 2012", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1862", "CVE-2012-1858", "CVE-2012-1863", "CVE-2012-1861", "CVE-2012-1860", "CVE-2012-1859"], "modified": "2012-12-11T20:04:29", "id": "KB2695502", "href": "https://support.microsoft.com/en-us/help/2695502/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T22:37:04", "description": "<html><body><p>Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer.</p><h2></h2><div class=\"kb-notice-section section\">The update that this article describes has been replaced by a newer update. To resolve this problem, install the most current cumulative security update for Internet Explorer. To install the most current update, visit the following Microsoft website:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/technet/security/current.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/technet/security/current.aspx</a><a href=\"http://windowsupdate.microsoft.com\" id=\"kb-link-2\" target=\"_self\">http://windowsupdate.microsoft.com</a></div>For more technical information about the most current cumulative security update for Internet Explorer, visit the following Microsoft website:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin</a></div></div><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS12-037. To view the complete security bulletin, visit one of the following Microsoft websites:<br/><ul class=\"sbody-free_list\"><li>Home users:<br/><div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/bulletins/201206.aspx\" id=\"kb-link-4\" target=\"_self\">http://www.microsoft.com/security/pc-security/bulletins/201206.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-5\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br/><div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms12-037\" id=\"kb-link-6\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS12-037</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3>Help installing updates:<br/><a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-7\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals:<br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-8\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-9\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country:<br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-10\" target=\"_self\">International Support</a><br/><br/></div><h2>More Information</h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">Known issues with this security update</h3><h3 class=\"sbody-h3\">Non-security-related fixes that are included in this security update</h3><h4 class=\"sbody-h4\">General distribution release (GDR) fixes</h4>Individual updates may not be installed, depending on the version of Windows and the version of the affected application. Please view the individual articles to determine your update status.<br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2696955\" id=\"kb-link-11\">2696955 </a></td><td class=\"sbody-td\">You cannot open a file whose file name is fully encoded when you use Internet Explorer 9 to browse the webpage that contains the file</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2715453\" id=\"kb-link-12\">2715453 </a></td><td class=\"sbody-td\">The Save As dialog box may intermittently not be displayed when you try to download a file in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2715815\" id=\"kb-link-13\">2715815 </a></td><td class=\"sbody-td\">The travel log is not updated when you post a form that is in a frame in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2722090\" id=\"kb-link-14\">2722090 </a></td><td class=\"sbody-td\">Quotation marks in the name property of an HTML form are encoded with ASCII encoding two times during form submission in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2718628\" id=\"kb-link-15\">2718628 </a></td><td class=\"sbody-td\">The display of a WebBrowser control may be partly erased when a menu item dropdown overlaps the control in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2719319\" id=\"kb-link-16\">2719319 </a></td><td class=\"sbody-td\">Internet Explorer 8 shuts down when you browse through a proxy server to a webpage that uses protected mode and SSL</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2695422\" id=\"kb-link-17\">2695422 </a></td><td class=\"sbody-td\">A memory leak may occur when a modal dialog box opens in an iframe in Internet Explorer 8 </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2695166\" id=\"kb-link-18\">2695166 </a></td><td class=\"sbody-td\">Cannot print a document in Internet Explorer 8 or Internet Explorer 9 after closing Print Preview by using the Close (red X) button </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2703157\" id=\"kb-link-19\">2703157 </a></td><td class=\"sbody-td\">Memory leak when an application calls the WinHttpGetProxyForUrl function on a Windows 7-based or Windows Server 2008 R2-based computer </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2722090\" id=\"kb-link-20\">2722090 </a></td><td class=\"sbody-td\">Quotation marks in the \"name\" property of an HTML form are encoded with ASCII encoding two times during form submission in Internet Explorer 9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2678934\" id=\"kb-link-21\">2678934 </a></td><td class=\"sbody-td\">Internet Explorer 9 shows a download bar for links that are targeted to an iframe </td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\"><a href=\"https://support.microsoft.com/en-us/help/2716900\" id=\"kb-link-22\">2716900 </a></td><td class=\"sbody-td\">A file that you opened in Internet Explorer 9 may be deleted when you click Cancel in the Internet Explorer Information bar </td></tr></table></div><h4 class=\"sbody-h4\">Hotfixes</h4>Security update 2699988 packages for Windows XP and for Windows Server 2003 include Internet Explorer hotfix files and general distribution release (GDR) files. If no existing Internet Explorer files are from the hotfix environment, security update 2699988 installs the GDR files. <br/><br/>Hotfixes are intended to correct only the problems that are described in the Microsoft Knowledge Base articles that are associated with the hotfixes. Apply hotfixes only to systems that are experiencing these specific problems. <br/><br/>These hotfixes may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains these hotfixes. <span>For more information about how to install the hotfixes that are included in security update 2699988, click the following article number to view the article in the Microsoft Knowledge Base: <div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/897225\" id=\"kb-link-23\">897225 </a>How to install hotfixes that are included in cumulative security updates for Internet Explorer </div></span><br/><span class=\"text-base\">Note</span>In addition to installing hotfix files, review the Microsoft Knowledge Base article that is associated with the specific hotfix that you have to install to determine the registry modification that is required to enable that specific hotfix. <br/><br/><span>For more information about how to determine whether your existing Internet Explorer files are from the hotfix or from the GDR environment, click the following article number to view the article in the Microsoft Knowledge Base: <div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/824994\" id=\"kb-link-24\">824994 </a>Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages </div></span></div><h2>FILE INFORMATION</h2><div class=\"kb-summary-section section\">For a list of files that are provided within these packages, click the following link: <br/><br/> <div class=\"indent\"><a href=\"http://download.microsoft.com/download/c/6/8/c68243cd-8b76-411f-a477-72f6a7e16c39/file attributes tables for security update 2699988.csv\" id=\"kb-link-26\" target=\"_self\">File attributes tables for security update 2699988.csv</a></div><h3 class=\"sbody-h3\">File hash table</h3>The following table lists the thumbprints of the certificates that are used to sign the security updates. Verify the certificate thumbprint in this KB article against the certificate thumbprint indicated on the security update that you download.<br/><br/><br/><br/><br/><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><td class=\"sbody-td\"><span class=\"text-base\">Publisher Filename</span></td><td class=\"sbody-td\"><span class=\"text-base\">Sha1</span></td><td class=\"sbody-td\"><span class=\"text-base\">SHA2</span></td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">53324A0E42AEB5DE86E059613D33E3D13FB9686A</td><td class=\"sbody-td\">17C0FB2EF4644670ACB560A93BF79F3EF77A4F35F018498103611A8ADE84668C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">4B977D8EB3C2E8E366B0011A1E8ADE27C2DCA55E</td><td class=\"sbody-td\">B518113FFAE760022EE98680567F5F321C82D64E63DA83F56874CF140B3DE05C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">76D37077F850532294329FF714C8A5E838CA5093</td><td class=\"sbody-td\">26F52454F97BE9BCDD52B992272D6820E62479EAEDA0F60D953C9EFF5FF55DE5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">4D8274EFA81B59715C5306154E7C538ADD69B73D</td><td class=\"sbody-td\">E121B54C84E14CF2380F909A65CEF47EEFD0F2F0DF420B8D776D688CA2316212</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">3FF5FB761EF680CBF5663EBC8526CF816B78A422</td><td class=\"sbody-td\">6651F5A15548DAB0B169DB00578AE46113254181FCDFB2B42F05C2FCBFDB6EF4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">49271F1A17ECC761235C2CFCAA5BE7856B5C4043</td><td class=\"sbody-td\">92D40F9E72B15353730D3F3B2D0D3A2FD8D5D9EB88620285A4B8FFD6A6FDAAE8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">C6DA0ABC4A614D26FF789F6671E075C48DB4E921</td><td class=\"sbody-td\">99B503BFD5A6D7FB57A9F29868832FA2B4D3A3581775BCE9CC6292C6C63E3B91</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">55D7DF59F4120882746EDE0C88AE18FA13E2656E</td><td class=\"sbody-td\">F5F6BC7C6B3CE82DF64235DA3A384896A8AD7850BBEB2BD2C9BD6F0A79135AF6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">6341B3CC0D30E97C21F663EF2FF315461CF0D9F3</td><td class=\"sbody-td\">45E44ACD48E1BB1165D0429BB6DF6478C8286174972CD7E4A44FE8B97E0D81D4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">C2DE6F6D9F0C946221A561DD747F06986F1F80C2</td><td class=\"sbody-td\">29164695BAAFC26E99BD4363787D71CEB26F28857C069F5DB4C28B68E628759B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">BAEC609413E2B63036797B91DD83B3F846501AD1</td><td class=\"sbody-td\">895E73B1B7340D5F13AA9DE57A38E93B0473BFAC5623CF0962B0A9B066B0EBDC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">520E5F469C55468D990C4A9B45B58E9E00B4FC5C</td><td class=\"sbody-td\">1207CA4DC0C093EF0792B54BFB4BF0FAAAFB9BC407C3F0EE412DF6C4F4A4504B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">D0E1CEDDBFFD8A10B5EBAC568BB72241364453BA</td><td class=\"sbody-td\">0AF5DBC61D454601A4F9AECB5D979993B541DAAE11090C6A2A1A61C45D202B5E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">8D6B0D5B080328AC6D3ECADAC9524E1BDEDB9EE4</td><td class=\"sbody-td\">1855D9D549A714C38E29A6CA11798A1418A63AB4EB5B21D724D488C9E76D84F8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-rus.exe</td><td class=\"sbody-td\">CCA5558F2076326C1BAC2F682C920911729F42CA</td><td class=\"sbody-td\">4D1617A49D63ADE567105AEAAE495D76C42DF5A43313652D19B2649B931F3997</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-esn.exe</td><td class=\"sbody-td\">4EADFE9DB4C9AFF061D1FB8B6395C9C3E8B49CB4</td><td class=\"sbody-td\">CFD65D5D8B88794FA5528E51F59211AC06B989A7E7E2C81A37FBC807FF29AE4E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-kor.exe</td><td class=\"sbody-td\">CAA96AB4199B553A6CCF3417ECE6D21F08DC9BF6</td><td class=\"sbody-td\">2695A8C82629A82B181E2DC76363917F2E957D562B190A56D0A121696459338B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-chs.exe</td><td class=\"sbody-td\">AB615DE8CE915281A6175C4927D5896F05C9E86E</td><td class=\"sbody-td\">18061A35C113484614F568B4C2E6958EDC0201D73837139C05EB11A206FE6949</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-ita.exe</td><td class=\"sbody-td\">201A560747B730990976382944DAB6024289A960</td><td class=\"sbody-td\">9C926085D6DE959C34C0AA3BAB934924CDFCF2FA609D3FAEE90572036743FD71</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">D9291225462A9C95ECC24E4056A15A614425982D</td><td class=\"sbody-td\">FB9BC832EEA32D85188CC672F48F979C232A1126D7AB0294F470EDC0491BF4A9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">B0EDA1894F1C609437B4F43E82139F614B3E50B6</td><td class=\"sbody-td\">61A67DC529CE87B02BB7A3B7386CB2060DDCF5353F1A6692A3F66D4D84FADB3E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">75E54D51D1BA4F1DBA1D82B74DDADF407C24DC9B</td><td class=\"sbody-td\">4B77C626DF204B1B6995197226815D09F760B037DD149F3EB8CA1B29FAD518A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">F6127D77CADBA301CA658F7D28ADC0875E024234</td><td class=\"sbody-td\">7A89835EADEC0CBA1915B10D9D707E4C0AACD271E2A89CE54EA3CB1097FF64DE</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">324B4AD1ABFDCEE18641AA70D1AAB5E7419AC726</td><td class=\"sbody-td\">D8113983BBDAF953F1342C6933608F0993888BA64B83D60E70D85518696267C6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">6E944314F86522FEF44579A173847D2FB3C83406</td><td class=\"sbody-td\">CB143BB175E08D970079451393D6A5F3FED82D553A5ED2EB3717A2382806E1F7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">BE74802AE609DFFD2460DE61F54926151514C355</td><td class=\"sbody-td\">EC1D553C7FFBFF24397482E513194FAF2A8C6BD7B44EBF92005FFFF04C6ED1A4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.1-kb2699988-x86.msu</td><td class=\"sbody-td\">2820E2FD398378D2CF4B1EDDE7A086764438F7C2</td><td class=\"sbody-td\">E38929923CA479D817B0588EA62B325FF202F8F2524F3AA45145385F5AD4163D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">620B26312E3485E2B536834A82BA8963917D2CF7</td><td class=\"sbody-td\">7D92920B0474676BEF0C5B05A665F096DDF2EBBFECB208F24803527EC73AE13C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-enu.exe</td><td class=\"sbody-td\">E6B4684880C31EC6AED099BBE078E3425398A94D</td><td class=\"sbody-td\">B5C7B8ABC841536571889F7F3A1FAE6E4354191273DC4A5084853FE675C4EC96</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ell.exe</td><td class=\"sbody-td\">96CB74D23D25963E4F2782339D5412A0E782B189</td><td class=\"sbody-td\">543620A6EDF7E960F2CEDF9302603308F59A32B2F11A1CA8835E91C62FC38433</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-fra.exe</td><td class=\"sbody-td\">545987F11166DC04D0613D875A646DFEED9AB7D0</td><td class=\"sbody-td\">E77210B39D945DC9A38CC6900AE7EA2C82A8C92A70D65A9E857E7E315269EBAE</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ara.exe</td><td class=\"sbody-td\">F4D0F87ABF38FBF275392A3C9748A36E2CE13934</td><td class=\"sbody-td\">22C0CAD9536F3B9FC49CB44F3E6FDFAB26719905940F8826A461D25131685346</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-jpn.exe</td><td class=\"sbody-td\">56CFACA3F22B03B4F7A773A917CF999080276C77</td><td class=\"sbody-td\">CAF5FA8DC7161605CBC4908F568F77257E34C0236411D791F1E966815E01E81C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-deu.exe</td><td class=\"sbody-td\">35CF11BBC1A60606C2511904613F436FD05D269F</td><td class=\"sbody-td\">4D2E77852804C1DECB0EAD9367F1CDD4E485CA47B9F16767A3E04FA07AD558A8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-cht.exe</td><td class=\"sbody-td\">E120C08405EBC05D0552EF2C73DCC1854A72F739</td><td class=\"sbody-td\">F217F1013890839DDB8BE591D02DE0D906F073C341EF0B05C92CFDD30185C182</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-chs.exe</td><td class=\"sbody-td\">931A16D0BE4EE89C23759B95BEC85AFC3CA3B50D</td><td class=\"sbody-td\">1340DCE0BF2C88009034801835EC4B5FAB0B983CBD50CEA1171A9043583FCF24</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ptg.exe</td><td class=\"sbody-td\">82E6714C328D518A0FFC389FC5F0871A69368D5E</td><td class=\"sbody-td\">E3D03FF3C8FC90579FBBE1952C82C60838844DD5FB9B56C61F02A449B0E514D9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-trk.exe</td><td class=\"sbody-td\">77F654C7309DF235FD4F564F139FCB34D7B17440</td><td class=\"sbody-td\">7DB8389DB0D4E0BE1BF326E7520AB4FEF91F17F395E76B0F71BB9AF620039FFA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-kor.exe</td><td class=\"sbody-td\">11FB70381AEDCD7248CBF4D10384EB02516D2725</td><td class=\"sbody-td\">ABBE958725DC90FD8EAC57A8ACDB352C44147ED39FE9BD41B2082DAA548A6C0C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-dan.exe</td><td class=\"sbody-td\">1CCBA29C539D11940CDADB782A25438D3CA95812</td><td class=\"sbody-td\">3B71F651A417D30DD0568B6080FD1E4B66D30211BEC9EC6F24098F381F3607EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ptb.exe</td><td class=\"sbody-td\">B12214C90CDC27661538E758FD7CEE22A300DCE0</td><td class=\"sbody-td\">9E42CF3CEBF0E8E649031557E2447ADC831446FC282C1972FA7A62B7427C2D49</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-fin.exe</td><td class=\"sbody-td\">F23281BE655B1BC3C7E6B73254578C9EACD7EAFB</td><td class=\"sbody-td\">E345EB64527650446802AE99A939F391B5B88CD8FA5CBAC25D5A605989928562</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-sve.exe</td><td class=\"sbody-td\">E75AAC374D05F857F5F6A8A3883C8F94ABCB4706</td><td class=\"sbody-td\">98A1D235EB24F2744F2E91FEF3F391A3995B439B03C71888D10596EAD2E5BF7A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-csy.exe</td><td class=\"sbody-td\">C0022581F3A7E835DFFF778D7222A8879C2A048C</td><td class=\"sbody-td\">A8E2154B9EA8CF6543D6604D362F3168BD4AD09036775A38FBD0B3B5A67FB57E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-hun.exe</td><td class=\"sbody-td\">31A770BF7B72685937B601DEF801FCC930DA3007</td><td class=\"sbody-td\">66513AC64441CB431A706F664E8D340D0CC8D4ED1EEC7ACBFF05B3185D77D531</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-nld.exe</td><td class=\"sbody-td\">0A44861983618C137B45239871E508580E123748</td><td class=\"sbody-td\">1156B2987BD04288B820B17085A689E7B1295E03553EB7CC287A18C10E11E5B0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-nor.exe</td><td class=\"sbody-td\">FDB2F26CF765DC648B649D77F38092825E28A5DC</td><td class=\"sbody-td\">F996F642D9B8B1FC85BC10675120FAAD8C9589C16E5D0C7EB07B31D45B792AAC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-plk.exe</td><td class=\"sbody-td\">B99C2E9E77386EF15B2A6ACD157F95FDCEB6C37D</td><td class=\"sbody-td\">79D508446B5BDC84778FE7624D53BB6A01D21244EA512A0745B44A221286CC37</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-rus.exe</td><td class=\"sbody-td\">DA539EACC8E89D8F23AD9A36DB36C3C85DC4A231</td><td class=\"sbody-td\">726334A9E11ABA40946865C11E35A8802EE2C75EB28D33A0413E7EDB8F243810</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-esn.exe</td><td class=\"sbody-td\">F5FE8E0954B6009E1831D93FF9BACA4FFA94BAE0</td><td class=\"sbody-td\">36034FC50F85919EF95BD3F63C5620DF5D4287CEF370637080CED359CB3D10E9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">62359CE85561D32E7AE4F396957040AEA02321A2</td><td class=\"sbody-td\">3292E51A39A405849AD0BCE7A37C53A1246FDC41B8C56BC9CD2EB891D793D46F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">F2D3A09FAA78CF8C9CAEBE7191A5B37583BA65F9</td><td class=\"sbody-td\">DA315B176A3E9529B5DADD7A1DA425AFA39385BDE06DEC6DC251B523C1AFFC9F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">203AF738AC1E40B97B7F8A84EDEC61E0752F94BD</td><td class=\"sbody-td\">B3C64857417ABD69E663B14AD53717675BEF44C4C35CA6CDAACDB167B067EE7C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-dan.exe</td><td class=\"sbody-td\">CF811B052E3C05310095F13AF85BDD20A2CE4161</td><td class=\"sbody-td\">DB3FCB899BB59821C94BE6C35E347ECCDB8114635DC1E840217D64DBA755277A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">9EDC8536C6400958E30C80254131474247803EE3</td><td class=\"sbody-td\">2C07786B223FAA83EEDFAFDB02858310D8C21407384ADA94DF9E7CC0399AF534</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-fin.exe</td><td class=\"sbody-td\">486075C772D6425ECAC9AEF3C93BA16E69739B81</td><td class=\"sbody-td\">4AA219AF257A94A065D5F539E1EC43E11E1EDE09CD8DAD724F77140A55D8957B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">71E6715265E829F5BBB91C89293ED9005E35718F</td><td class=\"sbody-td\">6F428042F3A0A3618DFE5362C75FA76D03A171F5A5F3F021FA7E95A6B0ED53C2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-heb.exe</td><td class=\"sbody-td\">C65ED3A6997FC339F887272341014024D863DB27</td><td class=\"sbody-td\">424E00A9CCCB8BDA79414D142C307671FCB247C677060FD26AFB83CE54492F06</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">337BA1A18E74AEC0E55F57BD09F4B6BFB33D3BEC</td><td class=\"sbody-td\">16C333555F05FBC2213A26421290A9868A17207E32CB7D98E621F556B8BD0441</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-nor.exe</td><td class=\"sbody-td\">00FF897A3CA089140C14CF41CB4D8EEBA54D192F</td><td class=\"sbody-td\">42EDB8FB4F6285864AAB6759583B9D6D0D16767F54ECE6B11DF7A15860248C80</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">7B21F73AADCC2529FD6968FECE22118503FBD17A</td><td class=\"sbody-td\">709D65B75F588FFB5FAF2B945705C11E482909436460AF3BDBBF34CCD1895034</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">B89C258E5212B6EA179D0F4668051927CCCD0B10</td><td class=\"sbody-td\">F7A3B08F77E85610F4531B397A3D7FAAEA91A5194A9DA2380EADA3F91F2CD56E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">A087F347C49B6E532A7F8A9A5D47E027E1FA4ABB</td><td class=\"sbody-td\">84A1C02AE0DBB9951BA6AE8488ABED944DB669F306ED4C0F6323E4B15F5B9DD4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">250178E27BEE432E81DFB0610A8E8FC704099FBC</td><td class=\"sbody-td\">96AEC5CFEAAB0C935AE875A7215A1A1D83AFAE1148FCF03E9EF1EEA3B02680CF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ara.exe</td><td class=\"sbody-td\">7047D0AAA08F52157D9F1192AAC7E56939FAE19E</td><td class=\"sbody-td\">07BAED225502C71E3EDE0CF0CC8DC4AACEDA778D8CCF945E932A36FC8ADD3992</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">8CFCD420CF20C2BB4B90D3F222F641725799499B</td><td class=\"sbody-td\">36C630DA013E0F7D01DC2FCBB8868DAC5EDF21D3B6FFC39E8809DB367E2EC945</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">A6A447F1DE44AFB6C14B7201E02B3D4B5417D755</td><td class=\"sbody-td\">ED408F573F26AED196E7B5E24693626F20257AD5FE4782C32371317041A56C3B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ell.exe</td><td class=\"sbody-td\">D4E033E4FB8433680667D82695FC7D9F4D7793EF</td><td class=\"sbody-td\">FA7D0F5E769F533F8F79759E6EBBC86CC734B9BDFE856E8057E1F8A8628311CB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">9CD9284453997F5944F1B973722E731FF76CEDC8</td><td class=\"sbody-td\">42126089607DB426446A8CCE05F5DB57D02F5902543DBAC35F39365DA7708BBA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">17B9A0B91B9ADB37E9B108FB8E1E3A9B07564D04</td><td class=\"sbody-td\">B24F51890C536BD0C383872EC748DA4008EB8A69B20CBFF624447ACFE7EEC3A0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">383C44586CDCE6A6028D78CA6E0D496AFD8DE783</td><td class=\"sbody-td\">F11FE6AE375E32EFD9AE1B1A88F901E2D1954E7651F3C7A674B16F0A6CB68EF7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">C272BC3937C0F61CD97F63B6BEB686BFBA976630</td><td class=\"sbody-td\">7CC02D2479F96D9FE543FA3770441B3E8E195A476CE539F14894CBF8DE8920A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">BF07E353DC1FB99248F3DEB42AA0134F526A4B58</td><td class=\"sbody-td\">3ECE27F0C28618E1696499C355A998464F7F355891F49740FE5C9279D4B79BDC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-ita.exe</td><td class=\"sbody-td\">7CA97C8553705D5008CD7861C40CC37402DDBADB</td><td class=\"sbody-td\">C6D7937D45A0AE56C32BE5D7EA678292D48BCDA791E6D03F61C73C50A30555C8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-custom-heb.exe</td><td class=\"sbody-td\">66DDF35E91D63DCF6465B42FFBFDE0391AFFBAB8</td><td class=\"sbody-td\">985AEC213560E5137EE356997540B11326CC8209193CEF52BD2E9909B77A9A2B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-enu.exe</td><td class=\"sbody-td\">4B54037D71B51DE5E40CEBDD74CBD92891C23EC2</td><td class=\"sbody-td\">EA7369ACBB1F4930F40D0CA9D790325C80703CC7C3990A5008882D4CC500C065</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-deu.exe</td><td class=\"sbody-td\">0F1552EAA72EC08131FF8522E04B249323D4AA0F</td><td class=\"sbody-td\">E2C074E9EE049F73AD523046E26DFB5EF95D168BDE3B21519C7B03A2B7F1FF55</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-chs.exe</td><td class=\"sbody-td\">58BEB55C699CD6F39E2E3FDEFC658B7196309D3A</td><td class=\"sbody-td\">E1C19E133332619AF31A852513077731A7C093D4A85A88A4C2543FC3C14484A8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-cht.exe</td><td class=\"sbody-td\">3FBFD6F2C3B9A3BDC3AE73439A4120D1957A3FE4</td><td class=\"sbody-td\">5A126A41B6409CA317A16200BBECFDF0448123963DF7C7BB00CCC43353DDDBD8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ell.exe</td><td class=\"sbody-td\">86A43D6105FC1A27C44BA64601F96262A2377643</td><td class=\"sbody-td\">ECA4215216700436EA1DF522A903B8ACAA09FBD0F4744338987C5740A8221233</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-fra.exe</td><td class=\"sbody-td\">CC34FFDB979DE35EAC6728FA092B8E23B64F3A50</td><td class=\"sbody-td\">C6566C046EC063BA9AAC19FC0183AF601B58F1BC4060DD871A6975C7C43F9EC3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ita.exe</td><td class=\"sbody-td\">0C78B3D3D0EDF32BA42FD345531910A6B281A57F</td><td class=\"sbody-td\">EEC81D39C3D75C185F5D2CAE7B03FD0F520417E7E65F233EF9F52C9861F24E6F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-jpn.exe</td><td class=\"sbody-td\">8B4A900F0C6D943E75C102F713CA2555474C1103</td><td class=\"sbody-td\">80376E7C2BC372D2FF5026EC679E22EC0F6F0F9D3377B458399635C10A3B603F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-kor.exe</td><td class=\"sbody-td\">869B077D8EFF61C4CA075EDCB76225EBE136F993</td><td class=\"sbody-td\">EABB035F20B2518B45607A84154CEB8716ACC7797D7E593A5948EAD7DA94D268</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ptg.exe</td><td class=\"sbody-td\">F73024C7AD43C1884F7A91DD899E3D6A974E34BB</td><td class=\"sbody-td\">64C326628BA01DD03C57A78C2C2AD0CD6002C1F0716D99DFC5D44B104AF06DEC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ara.exe</td><td class=\"sbody-td\">611DE842AC9F471A5EE46FD29C7702717CBFF8A7</td><td class=\"sbody-td\">CEC615BA53FCB3791976CEB26BAD4846A65DC26C644F29E7CDCCD9630DA6308E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-trk.exe</td><td class=\"sbody-td\">47077E225965D2245C4D49AADECD6FEEA79A6F27</td><td class=\"sbody-td\">9F7603A43F1CAC6E15B8C8457638F25299AC7828089855740E0F3CCB03901419</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-csy.exe</td><td class=\"sbody-td\">9E2F37DC2E148C19EA6FB455C54602429C3CF683</td><td class=\"sbody-td\">B66788F4BF62235451DE65AA1E49D3C0D7D35DD820CAE320A9B64EE5AABF3EFB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-dan.exe</td><td class=\"sbody-td\">20F2514D4E2C953B024650E9CEA4B35B682BCF6D</td><td class=\"sbody-td\">2BD68162D487AA2E70114000B0508FB9B1AEAD0EB9822895D377C8B38880DDC5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-heb.exe</td><td class=\"sbody-td\">65A0A789EB052734CB9F303C463AC74CA66FDF61</td><td class=\"sbody-td\">1BD09E9762984F150AB8FA738C4B4157FC69A8D515A5220749BAA20259ABC198</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-hun.exe</td><td class=\"sbody-td\">E2EA19AEB97950EC747D341A3DD2C111C8A7138E</td><td class=\"sbody-td\">A297C533ED4AF43378599279C251BB577FA6A576D4516211B36F733A204E5C44</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-plk.exe</td><td class=\"sbody-td\">A81FE41CCF416F78C2642B3A3C369002614C2CF6</td><td class=\"sbody-td\">6E1EFB3904CB480D221AE4D5E2DC1B2F22F727E9291047AD32473868E51A85EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-nld.exe</td><td class=\"sbody-td\">CDCDD0ACF4D68F57130C4D4186A1A6948E86E995</td><td class=\"sbody-td\">B08FBD28E9EB22DF2F36BDC339152E5F44E6C89B18B810A25E89C7A326299504</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-rus.exe</td><td class=\"sbody-td\">683968105F8910354B8D0449E5E93AAF47C9867E</td><td class=\"sbody-td\">E7259D5FFCA15E5D3676B7FEB810C9E8C75F42DE9B26BE81619F513C37B33066</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-sve.exe</td><td class=\"sbody-td\">5EA55E5B27D6F786B98343634B234F619FDE6698</td><td class=\"sbody-td\">E05EE9C76E8275DC5640645E543EF19AAEC6441EAFC30E0BD158EDA17508EDD5</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-fin.exe</td><td class=\"sbody-td\">9390F00404DE57046C8C5729612D5D00EB5868C8</td><td class=\"sbody-td\">4979C4773DDA706DBD0F26CD583D6CE6C0A8E615C269EC1F284DF734F6ABA280</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-esn.exe</td><td class=\"sbody-td\">13D40A0E67AF1D9CAA41E5856153913B4C1446CE</td><td class=\"sbody-td\">706B585BBF2045B65D98FF79CB22477B137D96C2161214A2CA82772C2D9310D7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-nor.exe</td><td class=\"sbody-td\">E706400DA83F148690488B1E3486B08BBD46C57A</td><td class=\"sbody-td\">741130172D5839E9AF1D62F274253B68BC4E659EAFC4447EAC4C358C74EF309C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-custom-ptb.exe</td><td class=\"sbody-td\">B7966832F8670D9DC9E45B957E97B7E26F197384</td><td class=\"sbody-td\">4A7A5FB6D1D928536203C066C4A8407CBD682609EC7DB8B8E01C6AA2FB17369D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86-custom.msu</td><td class=\"sbody-td\">87F046BDE2485015FB54C21DD1A6FFC27B36FED9</td><td class=\"sbody-td\">73FD742B8343E233F91A332E9E1CD8A07C1D2AD2B0B9E761163D2CC4B24B1472</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsxp-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">0B51AF449DD60451F5DB7187083796C19158500C</td><td class=\"sbody-td\">90AB41C5657DE4942A62E4D12D977C14059E38542028D4434AD951DA33D09E01</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-enu.exe</td><td class=\"sbody-td\">9BF292AF89FBBE09B92D0A2FD40E65E98B456D23</td><td class=\"sbody-td\">4A0C3CDFDBB102EBEC254FC57D867DA561F612809899EA0B211449CE03B62577</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-fra.exe</td><td class=\"sbody-td\">884A078B24E4A54A21E43FCBF40D40F8C0BC3AA3</td><td class=\"sbody-td\">D0C21CA28CFD902277AB0258FC72B8C6092018A06C1D69311EFC1563542A1A28</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-deu.exe</td><td class=\"sbody-td\">3206104956B57FE260DB42316F624406BDE9FA4D</td><td class=\"sbody-td\">73EDB297EA162F6E3C79BE864A6D6519A362B9559FA676F597F563DCB9959F9D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">A81616A7CE0D3B51099EAEDA61277341D4047E73</td><td class=\"sbody-td\">88EA3E11229A6194751E1A56A0812D2FEF568D2C67703EFE7766358BDFE43477</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">F411F9525D70DF6AB85C449451CD2BA3DDEB84AB</td><td class=\"sbody-td\">CA84FF5F07D1B552A822CB83BAF503E155CB99FC9CA390BC4E1E336C6621F540</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">5A33C1A072A2A08FCD239C3676B2CA8EA0218FE1</td><td class=\"sbody-td\">B2D83D61E274F9C647BE23B8214F166394FAD20297759495C45EB867619B862E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">B509651B6DEC8AD7EC2A8D4B01BBA292DF589AA7</td><td class=\"sbody-td\">1B39875899ECCE43FC97880453A72B96110706CE3255B774986D966400AC05AD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">AC1B97DCC522E7599A89321750F7517180FC9F08</td><td class=\"sbody-td\">422844F2EE87B996D4693762AEF8D4FCF3148DDC621B4CBB3202748BC1561016</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">EFC8E666C8E989901B4FF64A52C045FD35D30F8E</td><td class=\"sbody-td\">238590A1A8A1A0857376B57ADABC67B1B08B3C9C3271EDFAF37120A7F6AAA052</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">A24767B084E0C0613E270C951BB132572BE49031</td><td class=\"sbody-td\">1D8B3FE110C263A84B0F6BBD0CAEAD6B25519682E2307A3C8D65BF711B2AB88E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">627C747568C1E21CC2711693E8AABE9E0A5CE6EA</td><td class=\"sbody-td\">BF8F7D43626AE5BFD1E68B27A6A365DF9C044A14DCF7A2595E607CF1214B8DC1</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-fin.exe</td><td class=\"sbody-td\">5AF8ED7189E1C3B35CDCF76AFDC2AAE8670E713B</td><td class=\"sbody-td\">4C17020A572988B01AEB7582BCB104EE0EB69CBA2F6852BBF507022AB1165172</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">B879485954774CFD5CF1B9892CBF8DAD5584BF95</td><td class=\"sbody-td\">60F1C6A4AAFA612E82E67F760BFDC0EF7CAAD7D7A039BC292F4E0EC40DF01405</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">AEA6E2F646268DE066B110472EC56618FD19F580</td><td class=\"sbody-td\">7E921E9100B967DECAE1E36F011B41F0DC0843AFFB7293224C1085BF19F46FD9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-heb.exe</td><td class=\"sbody-td\">A338ED9E9959B4C933CA5662F11D8B46BD4659A4</td><td class=\"sbody-td\">A65558846B6FFD7F5F949AA77A6994006FEF7BA7B5009C31D7E84B38CBDE2AD4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">22E4CD28A2A260A2328F988513230FBA30A0D29E</td><td class=\"sbody-td\">78A2F1C937101C09B15F18B22A82C8180D17DB5A9D5CE0E83CDAD945DB906B51</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">2C0FE3C0002A9A683157BE6E03127C7C993B5B88</td><td class=\"sbody-td\">5C0252FDA179573B266ABE1CA31AE8A20DB7AB3031FCC445D2A33E17DF54B14A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">1271C5343F3C1D5F9AEFBA0DA3E02EBEE89CF141</td><td class=\"sbody-td\">CAB5FD059EEF1E2582F1F9FE27F0423B9A6996B9A28BF43CF9B278AFA92F0D76</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">E6B4ACE0F24AF6DFE51CB6F42AD169F794CE967E</td><td class=\"sbody-td\">9B674CC1DCEF4EBEDE1F0135F27740562546C479C2A482501A6E2A9AB4E708B8</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-nor.exe</td><td class=\"sbody-td\">24AF0D8820C4E915785D165F63148397C8F2277F</td><td class=\"sbody-td\">A639E65327BD89BE17D72EC50258248D09F40B6FDA0BBC5E34BFF71CB883C387</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">F6E4B876CF90C2DE18F59E51AF33B9D8E1A428AA</td><td class=\"sbody-td\">1195A57A4D6A56FFCDFA65E3534B7178D91BE2ECB97B62F903B7EB07D06A451B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-dan.exe</td><td class=\"sbody-td\">2E3C68C7A5FE0A597EDD5BE81A83C954729794E7</td><td class=\"sbody-td\">5459A7F7A8683249FD5D9F66C094A8B80EA7F9CA9058197AEFAE652D4EAEF647</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">547377A435002F398FBB4FE5B171B06401DFAEDF</td><td class=\"sbody-td\">9B5B3B95C25547F4E06DA645DF92A187D2E74E354A17AD3C123F1358342B1A92</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">7A3846DA2D63E81497E41D911678221E006DA4D6</td><td class=\"sbody-td\">AC33C7F7F4BDF265CC060E578CBB2274285AEE36370B292E1AC22CB14331BE12</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">3BB4449248FB21F0C653F80AF0E9E6B14F1A66AA</td><td class=\"sbody-td\">D5625D0636064ED40E42C4C220D3487D92DF726CE28469BE58BD1EF1B36E928C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ara.exe</td><td class=\"sbody-td\">50EF1C981FD9242598E8ED74EF283C73173B3701</td><td class=\"sbody-td\">EF50E1C339F4C2CC816600845D6569BF7023BD1BFD6D2ED44A95066F7CCC9554</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">91C217E1837A2CC757D1C0EAC8169A3BF4D9B430</td><td class=\"sbody-td\">C3D06C2BD604277CA518AFF758651C0571CD880B45436DEC972FCA457A0B3FCA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">C5954275F75D0A8D00A0082DF814342252F5E287</td><td class=\"sbody-td\">B2262D687B2229EC733350211B896043A37E3B2A7B6F88A05BE46C95F3423E8B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">412FE146E85D7ED2DFFC02B13743580B1229DE1D</td><td class=\"sbody-td\">3F135D9D4A6B056D42BEFDFFC4A157685DB1E1CE0D8C1BBAC220969C0C92BB18</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">3E26B00A9B993B3A2FCBF704A84F214F19960F86</td><td class=\"sbody-td\">16BF78D26D068DBD4F6D38DC64B7CA97A663E1633D58BD1EC71273B7CC1C6CC4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">77D39CEDB7A9DE60082A2452EA8643F67093ED2A</td><td class=\"sbody-td\">79843378318633F913626E8B68D175606C3C99B805124F0CDF4DA61780C18DD0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">3C4CA53D53CFB32790DC0EC81CA9E3109D10309A</td><td class=\"sbody-td\">FED6BB1DDC0EE120706F7D34BB0311223EF869120E43B2C63D7572716A2A8C3F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">3255B624EF7531FE0AB4AB804D274C1336CB749A</td><td class=\"sbody-td\">26E8D1B3EFCB6142530178E7A4DD10D66115F050DDD32C93423D12FB62C54C08</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-ell.exe</td><td class=\"sbody-td\">9BDE62C34C5A31F717A95C257B5DAD53CE79A459</td><td class=\"sbody-td\">12C3F40E7FAD037400EA71E80ED5BC5B5CFB047E981FAE330D1B46171F37BE33</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">B67B100A68BFE5C18C48BEB99F34D5DF65B4FB1E</td><td class=\"sbody-td\">F068E9358E5AB3E2D812D550A3DFC4EE24C1D356E4C1686DA2D533A9A7974B7F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">3CD1A55606A0BC5D4AE58AF2C22869A9473AECE0</td><td class=\"sbody-td\">5869D94E1EA12E706018CAE16569DD7DFB273702813EA00825197ED57DAD9015</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">6F5B01D41FF6A9EBB00D40668321CD78BE6F896A</td><td class=\"sbody-td\">39B4936F0B257EE481074859FC79408DBB7181D300DD306B50FAD40BD48DD7CC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-fin.exe</td><td class=\"sbody-td\">EF87D8C33143C99124B729C7C303D0F46A90D3D5</td><td class=\"sbody-td\">BFE0D0EFC56BA4E571DFEC54E25165E4804BBE28085AEB47D3192D643C1F8555</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-dan.exe</td><td class=\"sbody-td\">C89A99CB92C3EED42021C891E65A5536B7732672</td><td class=\"sbody-td\">E507E6D84FA6901C9F683C32B01C84D52FA2C531E7574DCE03CE6124C81BAF67</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-heb.exe</td><td class=\"sbody-td\">9D6256F165B6987E68FBF3063CBA4D2063F0819F</td><td class=\"sbody-td\">7F3408538C43F3CCADD13EEC833B86A2196C94F5112C2D4154A680BF78D02541</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">514BC69C3C2A6615BCC6410C293E6B9BBF389313</td><td class=\"sbody-td\">7400B76A4AD3A67A28FA47F2C6CC2427EDFC1257232362C70AF60E0E5F4D6DD4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ptb.exe</td><td class=\"sbody-td\">E08874BE1C472C4F54830C3A89678DC7E31706C9</td><td class=\"sbody-td\">DB6239501C6374737B42ED389F576E4B9CC7B5AB925CF23225FE7237897BC67C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">B4FFB29252F43F0FF91A0EE26A563EAE99837828</td><td class=\"sbody-td\">02FD91DEECDD6EDB058BD4B498A8429ED2A19E919A324ACBC1A16223D52CC26B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-nor.exe</td><td class=\"sbody-td\">93669F99BBD3BDAC3F3C1D46C06C13FD17EF289A</td><td class=\"sbody-td\">EE01CFF57C560AC76E93794520CE4D983257B3D906F39E03FB7984E9A2A08635</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">5F60CADADC9024015ACD01D3D83CEB18CA8DE77E</td><td class=\"sbody-td\">A632F721C4E95D13D12791061E125600790D942F5E3FB54994E6499BDF64AE93</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-plk.exe</td><td class=\"sbody-td\">8A720D7DB6FD302169973BD7FBDA1744A20E607B</td><td class=\"sbody-td\">5E3AF1932818AF5BA49F9D2B41B3E3AEEE1C195600B3D3CDE0428FF081B6FB39</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">9E74B3098A9194A5B56CFC1DA1140654F21FE236</td><td class=\"sbody-td\">7561F39798A58CA17B7CE69EE8A10039C0BC085F7351085F7663A790BEFF2698</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ell.exe</td><td class=\"sbody-td\">C2E6782F96581A34A97A5923DF9B6E40F32AD472</td><td class=\"sbody-td\">AAEC8EE11ABD653753518E4CD70E468A83818D154AC6F145A7FF1FA63DFC4132</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">3C28E9CE3DE9FFC4BABB83109AD578B9B01C880D</td><td class=\"sbody-td\">76CFEDC57448FF3C4582059A9B78569C21F7B8AB7C4A35DB40DF516B02A1BC39</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-enu.exe</td><td class=\"sbody-td\">AAEDE07C9A94A51F39345F8B6C360AFFEF733237</td><td class=\"sbody-td\">F1DCA1495ADBEE9868458025E1BF7776465611A275571DD854AB6523B29D8DF6</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-jpn.exe</td><td class=\"sbody-td\">A3C33B0AA97F7EEC668EF478E78EC8CD64526675</td><td class=\"sbody-td\">0DF85E4BCF4877CDCE577A6E32532471ABB23792C2CBC630821412B967259EE4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-fra.exe</td><td class=\"sbody-td\">3950B9E1C8BCE927EAF103C2FA26A0E87A2668E4</td><td class=\"sbody-td\">5400C1EFE2A011851186547EB8E88740CF5AB61C343C46993C17C2275BCF8318</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-ptb.exe</td><td class=\"sbody-td\">1929547CF2B0E91C9C4D284C026BF2CF6B7586E9</td><td class=\"sbody-td\">8653DEF834DC28CB1B329CED1310D01F0247FEA71BA1AB94AC32ABAFC85B13C4</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-deu.exe</td><td class=\"sbody-td\">5AD34FEF0D2C5E654EB3D6F82BDD280FC45A6F07</td><td class=\"sbody-td\">5F5E29DD1D21DB01D6AFC0ED5145E6072C4194757D2D4E09F916856EFC489D47</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-esn.exe</td><td class=\"sbody-td\">EDAED3C394945A8DF6E10B242D21BA32239118E8</td><td class=\"sbody-td\">FD74A6C482F5212064E6110CD7CD551C6571EFF8BB9D79C796DFBDE18ACBC24A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-rus.exe</td><td class=\"sbody-td\">E0DCD4BE0FFF4EFCA99DB6ADC44628ECE39FA34D</td><td class=\"sbody-td\">D240ABC5547E06B31F20D05251B91C250CAEDFE516A145AEC8093B497B883EE2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-cht.exe</td><td class=\"sbody-td\">3BC88A1260723F1F0C209B974AF658BB9D79EF9D</td><td class=\"sbody-td\">12C15434D3CA0EE8470CF555D8552C6911C398550519B47807F6445B9858D595</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-chs.exe</td><td class=\"sbody-td\">CC1C44D836B3A15A1956D2205C9C2578071D1FCF</td><td class=\"sbody-td\">BEEBC6DD1224CBD12BE4A73913843C4238230D6304599BF9D43D89AA5165B7EB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-ita.exe</td><td class=\"sbody-td\">974C4A2F54136A475567C40F0F684443D2BF580D</td><td class=\"sbody-td\">CED5DB368461BAE1AD9847C75A78B2433618B37FE0D9D9F6264CD2F9F4F3C743</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003.windowsxp-kb2699988-x64-kor.exe</td><td class=\"sbody-td\">7AD0EBA699293346BAB941039106564F8BBAB56F</td><td class=\"sbody-td\">2AD67406E693D37C371C90BC52E8366E9B236F1803D54D46B4F36E664E53D41F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-enu.exe</td><td class=\"sbody-td\">5439BA7C52F41037933ADD77D0E31A4FBF2D3822</td><td class=\"sbody-td\">B18DD013FC18980FEB3B8E4B15F3110FABF49AE131E1CBB326472A0B39E5DA4A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-jpn.exe</td><td class=\"sbody-td\">F91190A7DDC0531B655D853E8E0E99004CF2CE1A</td><td class=\"sbody-td\">4970F2751812E0630967A83D994BC032F3FAAAFB160D39066FE796E4101283EA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-fra.exe</td><td class=\"sbody-td\">BF065F6B9B51B77E4FEF9BCC7B5A35F3503D10D0</td><td class=\"sbody-td\">E308E747860F32F54EE27C4E4E7F815B5D4F10E3FDFDD522367285921C8F0006</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-ptb.exe</td><td class=\"sbody-td\">B3A3B01E928556054772BDEDF8063CE2AEB93855</td><td class=\"sbody-td\">2C9BC8CCEAE2701B66BDC44817487E1B2ED905F16775D77633A66807ED7F33BA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">13F7596C84BF670D60899F2BFB35D70F05E0A455</td><td class=\"sbody-td\">BCBA4EB440BA927C6C4F720F1E72F764A80EE852FBE9F7408B02E65874A3A849</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">CE1F3BE52044FA452D280974DB8EC882194608DB</td><td class=\"sbody-td\">9C2FAAB8AE48FA227A4610D329CE6B6412FBC33B1FB46603C9F2EAE615DDA277</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-nld.exe</td><td class=\"sbody-td\">022C01255EE447DC8BE60340B92C8E377DC98853</td><td class=\"sbody-td\">0C7B8A40EA8E232EAE2EA3D4C02DAD958369B78F2F67DD08336EA9B9DC277024</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">CDB1CD79DC73E8D01D2224608A078226155DE24A</td><td class=\"sbody-td\">29F6065AC9371AA96A49AD35EEA06FFC89FF770CEF6BD5A08996ABDE0FF040F2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">B8E0E423B30D465EE158B6349A078281D9BC450C</td><td class=\"sbody-td\">DF7DDAECAEE84E39F119FB8B0E3785179F344285FC7E0AE249662A9AE8079399</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">892351AE6CCC131B871594E756B750394E4CB31C</td><td class=\"sbody-td\">5EA1D3FE5226B8AE22A9FCAB3DA7C7BF3579BE785EC0161A203C908ACFA6972B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">363D06E868BCAFB0F7D9A20621D93D5E9DB11DFD</td><td class=\"sbody-td\">5B72C49DA9845A0AB9C6C660ACCFD3944A2D2231C5277AE85B5C1E011AC48051</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">2EBF5A591631CDA8D903C7A777E225C4D9D2A43D</td><td class=\"sbody-td\">E3C5F8ADA5852273DD53BFF1B7C21A645C26FE2F7436803A4569D3E5C5BD24C9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">713C56ED3A072A617A538532AD39E1E8CB6678A8</td><td class=\"sbody-td\">DF4A593960D29D1EE20696C73B1E72E0E717679B25CA4DE02181D3713DA4D541</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">81BE80A10277177FE4F3487E92906F8AA81D7AC2</td><td class=\"sbody-td\">B65CA0340C846863E88E493DF9F88540CB82016B2AA43B9555F1C418DF0DE5D7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">92C023E0B30D5E95FAE3B7C716598C3F886A66C5</td><td class=\"sbody-td\">FDD734CF4E87C9A92B350A35955B9999FE45EBF658E58F865A8B763BA8A1F07A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">41F71CF7DFAD46396DAB99BE8A92D76B3BFCD526</td><td class=\"sbody-td\">3B87CC03BD142E54C13F995C7343886798228F7D3053097CB211E1008CBDEC81</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">FC47B501926263E1DB4B448E173F751FD599F4B2</td><td class=\"sbody-td\">C54FB2D9B2FC0C1BA4BDF840E9B400D130692DA37C9044BFB99EC27D970DC5E3</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">3776561E2520FAD7090ED5B8DB470FA4C3B5DF82</td><td class=\"sbody-td\">3A25E0A1BF6C2B334696C38F8758F386BF4CE4534A3A4DB09FB489B82272A717</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-jpn.exe</td><td class=\"sbody-td\">BCB7C5FC4FBAD5821801F17569CF19A99D981950</td><td class=\"sbody-td\">C0B21D753DC6E541E55CD5AE77E904A67FCCB1020E3B55C8F9CFB3870E1E6CA7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">114319A4920BF07A3D4F6B377DE4D34D4BFC36FC</td><td class=\"sbody-td\">5C34EFF1D3AAC2861327EE08829960DD59DF50864AB89F72D32B2B63130693EC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-enu.exe</td><td class=\"sbody-td\">37BF6B94B5717FC27C264A3A6D2925D38C7B00CB</td><td class=\"sbody-td\">B92BB6D9F9D41F9843EFB4A7AF8067100F98C5F81A446D7CEC370A4F02BEAC7D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-csy.exe</td><td class=\"sbody-td\">0B3E9B63CEA006705FF2E76C971750B5950B8473</td><td class=\"sbody-td\">9A04372C3049D337DE864953C61469B4F5442C94725071BADA5FDCADD5B1D63A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-dan.exe</td><td class=\"sbody-td\">D617FE6600B6987F7B4529BB08619CC0CBD9A881</td><td class=\"sbody-td\">F615C546565DC695FBC4012067039B878EF9773D61C12C15C0CE22295764D152</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-fin.exe</td><td class=\"sbody-td\">D1B4FDD35B0B7268E6CF71FB8F1F0D5F0FC928CC</td><td class=\"sbody-td\">7C9507D8ACAD13198C36685A33ADAB27BDF2A52B54FE29E91692E7A08FA6E36D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-nld.exe</td><td class=\"sbody-td\">0EB3B7ECBC965E68EBED417995F2CAF0EF60BBAB</td><td class=\"sbody-td\">3EA01E2FDFA879BFEEBEF55DEA905A439D5031151C3D00CF8237AB166CFB80E2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-heb.exe</td><td class=\"sbody-td\">F05F5DEB2AEDA0693B0F54B04ACD724D4E5858CC</td><td class=\"sbody-td\">092FDF7238EAED170768E29342C4666A4B5DA63A79F4A860BFE6AFAA7ECB10A2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ptb.exe</td><td class=\"sbody-td\">B89E033A05B1B276659AF08339A2639126917059</td><td class=\"sbody-td\">CA0B250BACC45006E81A9D797A0A75E2DAF58D36C11A0082103717C356A40A44</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-sve.exe</td><td class=\"sbody-td\">990FAC7E7B8B6BBAD2B71C86796D08F3941F8AFE</td><td class=\"sbody-td\">3B117F63F67DE5F94D363F75F479B6CB51E11D933C0BAEB826C8E6BB60DEDD02</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-nor.exe</td><td class=\"sbody-td\">776FDD3599BE07D1803A55DD34960CA3312B4C3A</td><td class=\"sbody-td\">E23138CEC571877B91952A23FD352259D4BA378400C693B06D128D1B32AB7811</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-esn.exe</td><td class=\"sbody-td\">B2037A19F2319B5D5C1F1FC7B44A073D6B6B9CBC</td><td class=\"sbody-td\">F594F08355A5F2CBBCA6FE898CF7F4632FC69D875CC0688F047A1EA33F653233</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-rus.exe</td><td class=\"sbody-td\">7CA2B440829750044DCC41058FDFA9F9EE194D6A</td><td class=\"sbody-td\">0C468C88EF3306CF2B9D9B59A88594B8F390D70E833B54CAC8D0E5862422F662</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-chs.exe</td><td class=\"sbody-td\">B73B6C5C39CF8699152DBA43E66252F915784CAE</td><td class=\"sbody-td\">D0C3F66E04761FB7133FE7E0B09F9D0E487109E9AEF3E8E1ED34614474321D1B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ell.exe</td><td class=\"sbody-td\">31C5426B7CEB54525BB38F81CEDA39CC3C204A75</td><td class=\"sbody-td\">D75A254D15524C47E8354AF7A5C34AA0170A6C0017D938B6D089226F13123386</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ptg.exe</td><td class=\"sbody-td\">B9CC37983CC37B5132AEE1ADF9F16DBA73F09EC2</td><td class=\"sbody-td\">67EC3E4DD2DABB11E970580013BF4B8F94239FEF0D7D68C1D5044679F49762C9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-kor.exe</td><td class=\"sbody-td\">5FE1D21C80B35EC677DAAE6A4A305624551100DB</td><td class=\"sbody-td\">A68E09F4186706CC3F7455008CEC48B3EFCA9DAE78391DDC39C22DCD0BDCBC0A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-trk.exe</td><td class=\"sbody-td\">2B1ED70B291D8F04F002384015EC02D5F70D1CC7</td><td class=\"sbody-td\">320B64857687ACF3AAAC47B499EA401B4CDEA179918AD876C47B0D1CC2D5B440</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-jpn.exe</td><td class=\"sbody-td\">F1127E0A55D14DBAF720BA6E0232DD8D21750633</td><td class=\"sbody-td\">70A812DE2FA438B4573FF1DCCFE9E9F5C7B6857DF5A3314415A56AB76071F709</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ita.exe</td><td class=\"sbody-td\">7C5E13285247BAA521D4378E90B321EB937F9DDC</td><td class=\"sbody-td\">15B17995D2C2730D8C77B8212B55E7A4011FAA3D3050251DBB964BEDF5F61872</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-fra.exe</td><td class=\"sbody-td\">74A903B9C7FD88E04253CDF90B3B7E64AAC95538</td><td class=\"sbody-td\">84F44D1287EC7FB79946930D2F57CC30A84B621041A2C15A4C18DD11E8717B5B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-fra.exe</td><td class=\"sbody-td\">2396DD3C9709515D323A6A44068A305E5EC6C903</td><td class=\"sbody-td\">EF238010DA1B6506156CD53A78CB56CEB7F45D56E10BF18A80CFFE8CC2FD8C5B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-csy.exe</td><td class=\"sbody-td\">71EA345B4C2CE76EDFDDAB0A4FA997851D17D912</td><td class=\"sbody-td\">EF45C563AD16E80501FAA74965A3243E6D402E69CB66DC784FA9FAEEE9DA2103</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-deu.exe</td><td class=\"sbody-td\">9D75245CF72C1A3B58215AB1E67A671B1B8ED599</td><td class=\"sbody-td\">C8628577DBF8E734735020D143D6628ED038B1A398499ECBD032634B08779365</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">7CD990D067B049C7E759D267128FE391D7C56153</td><td class=\"sbody-td\">7067985EE455E4918A1BB8A5A05041709C69567D1EDB81EF8B1C5EB8FD77FA8E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">6AF6F0836E82C9B49603D7C4DFB558D9812521DF</td><td class=\"sbody-td\">F6D346AF76593CAAEA366565F4E2C73C70E3F4C13D571EBF62FC7D91463544FD</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-deu.exe</td><td class=\"sbody-td\">A07152D2384F3C927E2F004AD60609F362B152CC</td><td class=\"sbody-td\">6B43358A64DAD4443F9F2A99E7E6196862504F00D3F50852F9479FA4353853E2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003.windowsxp-kb2699988-x64-cht.exe</td><td class=\"sbody-td\">36A6E4F3E77A2F0CBBD4EB56332F3437E35ABAD6</td><td class=\"sbody-td\">314ED06BCA772C28DB45F4242A12A0879EE04068EF2661DB07884464D394AAC0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-enu.exe</td><td class=\"sbody-td\">C781F86FB6CDB7A38C70FCB36EB496812AAAFB36</td><td class=\"sbody-td\">916C3BE4E7FED7397E658D425D00A4436D81B69F2F552F03EC42AC750B6CB619</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-jpn.exe</td><td class=\"sbody-td\">680F5B978A9FE583E12358885700AB90B52E718B</td><td class=\"sbody-td\">15EB52836E07BD39842F59F63EEAE84C728DE24E572C27E2018C8B083FCE382E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">90F162A98D9FA5AF70B21A79216B8AC9AC18AC02</td><td class=\"sbody-td\">DB206FDF459DB0F02903A41388A578401A3E59EF9204BE4AC51B3808B1278557</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsserver2003-kb2699988-ia64-jpn.exe</td><td class=\"sbody-td\">044D96A548A7955777280B4AE6127EB688D2AAE6</td><td class=\"sbody-td\">54905D038CAC48EF0EC4454154809A12EDD7C98776B6718D533C843CCC25F85A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.1-kb2699988-x64.msu</td><td class=\"sbody-td\">EF4438C952B2EF46C90AD963097E94C6C7C1397E</td><td class=\"sbody-td\">A17B4D1BC6EE60684A98B7A93C6FBC87EE7AAA6691E7610498AAF516E6E7409B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">C366FA06288B975FF43661D2BD2B68589DDA3C4B</td><td class=\"sbody-td\">CE8859FB6AD173F1DE957B756D3FD9DB19A556A1BF1C536FA59C0E6A86B38A97</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie9-windows6.1-kb2699988-x64.msu</td><td class=\"sbody-td\">5E9BD26B8D993D64CD0EE8B352E4207305ABCEDB</td><td class=\"sbody-td\">06DDA505893EEBA66592CCB0CDA819FC09468540B79DE5661309BE4280913766</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">66EE6EA480E4126D2AE7BDB22C859B0DA86F8197</td><td class=\"sbody-td\">C5D2B28E604456CD0CC7ADC90D493844EE171754116B8D61A8844AC01DE5C03C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-trk.exe</td><td class=\"sbody-td\">58763032E00AB7569060059908CBE87F3BB15F79</td><td class=\"sbody-td\">1CEB696BB948A50D000BF7FE64B8F450EDC7A567F09B489896B403B7FAE3A8B2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-sve.exe</td><td class=\"sbody-td\">32E33B7CB074F07A708C1909E2624B5D4DB5B9DB</td><td class=\"sbody-td\">C8F736140C4D13EAC05750CF2C547BE99435B9258A873B9E991C3F4C571FF3DA</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">163E6E6CE4ED4F188DA8AD01B322E8CD01890730</td><td class=\"sbody-td\">C93CD88822D018E33A6DB19A38DE02621F81F6EAE84D8FA87C0AD1C2C1640035</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-esn.exe</td><td class=\"sbody-td\">675E8EA8BE7553CD9B356B45A3E95A9A5A5D923E</td><td class=\"sbody-td\">1195EF4BC93807345132B68411EB528E3A3EF9808724A733E24A89F6AF116CF7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-ptg.exe</td><td class=\"sbody-td\">7A113713B6A45E6F9FCC34110FC3B33FFFB85383</td><td class=\"sbody-td\">C8BF8FBFAD188CB4EA95DABC1C101CDF09410762B278F2005CC2B05201C9BE1E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">19E54BDD358FBBE4BD6A295D0E0BA4A93823261F</td><td class=\"sbody-td\">415CA80DFFE01EEDF2DEEFA1267E521D35FFD43C58068875F519FF84945ACA57</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">3DB7E2951BF981EA504AF81D931689605CF902C4</td><td class=\"sbody-td\">FC24D5CFB71ADAD51E9FA0C03369D35F4988CE7D177AA53EC93161A3F7B9FB16</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">0809AFCF5DD5AD4F798FE5B4509ADCB0402FA44D</td><td class=\"sbody-td\">42BF87A8D9F36DF245E9E1A4292847F961225037E91F48099ED447DD49946AFF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-rus.exe</td><td class=\"sbody-td\">368FD918F0FD71D650187920AFFD527733C0DB49</td><td class=\"sbody-td\">410FCC4E76B0737B8EC93BFA8D024D41969BA1F884DC60B3621AF3DCF3F0EE86</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003-kb2699988-x86-hun.exe</td><td class=\"sbody-td\">4C755DCFD9542690CE30FA1C1968D335E1C9A75C</td><td class=\"sbody-td\">8EFEDFF8B8F3FBD171420A3E41D293A3CD87B317E5B06DF8E4887F2720634F9F</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-deu.exe</td><td class=\"sbody-td\">AEA53C4D6A02093F9D5D651682B3CB579780B71D</td><td class=\"sbody-td\">11D4D77DA11D9623FA3907943FAD97E2C12DE4A29EB57E2F8C62A860A3FC526A</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-ptb.exe</td><td class=\"sbody-td\">C5DE9289C0AAEB011F70734C0F9DFF2D4FE7F1A2</td><td class=\"sbody-td\">DE0F0602E3721E42867A41A4091302780E3724B2A3014B4BD215651CC90610AC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-fra.exe</td><td class=\"sbody-td\">028C6234805DC697C74AC87BF5E190BCFCC9DBBB</td><td class=\"sbody-td\">F542CBAD554C4AD231DE6EF0210DF7B9B5F00974A32F1C33F81240C1932544EB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-cht.exe</td><td class=\"sbody-td\">8B4E63BA4900116D2227F88183FF494BC06E9D45</td><td class=\"sbody-td\">4090137752AD08F62916E2A6FA7C9E661FDB3537C14F785194B89AFC0FCB2334</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-esn.exe</td><td class=\"sbody-td\">107D9F72134E1FF575FAE9ED16B60B36647C25EB</td><td class=\"sbody-td\">4A1046C48D29A513334BE91B76D690E9718B9E2DE1CD16D65DB0B2E25046B608</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-rus.exe</td><td class=\"sbody-td\">6F2B39C9AF06A72E724241A719D06857BBFBAA8D</td><td class=\"sbody-td\">9A44D9A71188C5E4271EF8EEB14122BA6A425E99133738230F749CA960D4B48B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-chs.exe</td><td class=\"sbody-td\">B0D54D1DA00ACB42FB3C0FF81B8048B2BCD50AF4</td><td class=\"sbody-td\">F904BDD9E1269B6618D78261F932FA9B4266DA74D8D35AC936944529BF4087A9</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-kor.exe</td><td class=\"sbody-td\">BB9E3614A4A3E572F080469259B00C4B18876A91</td><td class=\"sbody-td\">0554173C3BA7F0B9B283DDB97491A5A005DA07939D5CB8596867CEA3BDE55C09</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsserver2003.windowsxp-kb2699988-x64-ita.exe</td><td class=\"sbody-td\">E980F6D8C67C815CB4A13F90FE9B95236C155D44</td><td class=\"sbody-td\">6725573CAE445A150E98817ADA75396AD5A87A932B8BF0F50E4A8FD50E41F7D0</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-enu.exe</td><td class=\"sbody-td\">0184DDB117FBA7995BA952CBC13474CBF7960913</td><td class=\"sbody-td\">370A76B4AF1EDE8DFC7DEFF22FFF27A7D506A789F2E92FC98CB6F4A02F54BD9B</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-deu.exe</td><td class=\"sbody-td\">0FFB1E1F646FCD08168CA53FDE9FAD82F9870610</td><td class=\"sbody-td\">949C1CF4F4B7569BC58C62764295A1E3F0962C6DA0CD336BA1199B7F66AB5B26</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-jpn.exe</td><td class=\"sbody-td\">E2D113A096E2EA9B8A743179CD2FD2FACF273C2B</td><td class=\"sbody-td\">E8BB0EB8F73DFA7B3A84A9869CBE69B9ECC942F4CB3BDB1EE26C99D1F4C26116</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie7-windowsserver2003-kb2699988-ia64-fra.exe</td><td class=\"sbody-td\">F30CC7836C069322A5FB6FB044A0A44BE20B8209</td><td class=\"sbody-td\">A9FD42F7BBEC37C75172473795CC0B7D1A3A2946BE67689D69EEC31FD537E303</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-enu.exe</td><td class=\"sbody-td\">FF645B69FB06C8A18709B9840E0C7B0608BCFE04</td><td class=\"sbody-td\">223B5749BECBCADA6E4B4B6F39B5CEFF3F5D8429468077CC1DA219E27ED88573</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ara.exe</td><td class=\"sbody-td\">B48AD2EA8AD544ADF1B769560B66D9C6681E03C1</td><td class=\"sbody-td\">EC1486C6E6F6B8F00C98AD584D5DA73B485E9362B6BC123667AB8992E26E25BF</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-cht.exe</td><td class=\"sbody-td\">F6042848D82ABD64A02446964EE7C665E7994A7B</td><td class=\"sbody-td\">B208D9E76562EFB04AD93B1C215AE72BE7A0D195F79579F6D3601AF09E2CA766</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-chs.exe</td><td class=\"sbody-td\">7583ED693D1938572073EE8393BD9330A6DC2B8A</td><td class=\"sbody-td\">49E1BF303EFB221E531300A4EF32A42533DEFC7B03FE89144FEE6AD8494A8603</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-ita.exe</td><td class=\"sbody-td\">6A880E2D1AEEBDDC921BBF97EC61CF3670A52CC0</td><td class=\"sbody-td\">A88C6B635C475BE0377FAC5E02E94A2035075E8DBED4A01DDBF568C5A97F58A2</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windowsxp-kb2699988-x86-kor.exe</td><td class=\"sbody-td\">5ED4D92C574800D725817E29E70676BFD890E959</td><td class=\"sbody-td\">7DBD1B8F44A620533EFAB48A7088BA71BB5A6FFCE084C15E950BA085F95376EB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.1-kb2699988-x86.msu</td><td class=\"sbody-td\">EFBD38FFFCBD41D42565FBB2B5C81A7C6D481702</td><td class=\"sbody-td\">941F302F5A001E8B3FF8C30D6432B52F904DC35144EB7A01BD2D6B6BB6D50F05</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-hun.exe</td><td class=\"sbody-td\">69FE2E4BDAB981ABEC1835920574F4232333A60C</td><td class=\"sbody-td\">1B6E95EB67518AB0A29E42C9CA865DB35F7D8AE928594002E39EE3DBCCB62D2D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-plk.exe</td><td class=\"sbody-td\">880BAA435CC75F813ED336F2A2CD79A47EE816DC</td><td class=\"sbody-td\">28F88822D3573C39DDC1840CC74FEFC7F25FBBB826DF7256AB9B2B486C32EE9C</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-ara.exe</td><td class=\"sbody-td\">2DD679D6DD90B0E9DAAB849E8C0323F206387C58</td><td class=\"sbody-td\">95628E28AE52312CB60336D944C7450799323CB1EA7E9E1E049FCDF1F77D1404</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-cht.exe</td><td class=\"sbody-td\">19AE7498A0D539EEAA5E2A8F2D28277B22E856C8</td><td class=\"sbody-td\">D10912B18159C8B7F2020F45DBE151EDD1C6E4C993FDAFC2BBF50DDE0B61C365</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">ie8-windowsxp-kb2699988-x86-custom-deu.exe</td><td class=\"sbody-td\">1A76EA27842C198D817CFD55843015D0DE559DF6</td><td class=\"sbody-td\">D3BA1973BB786B482BBECA33C04349A017A7E4E8A060369AD7AF2DE73544B808</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64-custom.msu</td><td class=\"sbody-td\">75684F371AFF3CF1447A8CFB1E216060CE4EC7C7</td><td class=\"sbody-td\">0FF51FB9C7F23B421945D9BFFC60B1BE931B98E268206352586B391DF0E3B607</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86.msu</td><td class=\"sbody-td\">AA13BEE8A823317B7ACEB466607F367387B5BCD5</td><td class=\"sbody-td\">C68187086AD80289FB7382950C8C997F659C69BE65884E17D293182270058DBC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64.msu</td><td class=\"sbody-td\">FA89FAEA099735E482318B8140262F201D3905C8</td><td class=\"sbody-td\">46AF8E91EBBBCCEDA0783395792B1A0B13DB1DBAED84EEFDD0614F011D003AAB</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x64-custom.msu</td><td class=\"sbody-td\">98D65BE591213EA09F5F0175BDA8087D46C397DA</td><td class=\"sbody-td\">F6EB40B592B9CF69023258612F355B5EACE3EAB3FE24501E2DD04507BB97DC3D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">windows6.0-kb2699988-x86-custom.msu</td><td class=\"sbody-td\">BF57BE47A45B77D4DC8B5400065870FD7A46A466</td><td class=\"sbody-td\">F167531A7F5DC8A5BD213D905E7168F0DB9649A2CCF44E819725A0023B902FD6</td></tr></table></div><h3 class=\"sbody-h3\">How to determine whether you are running a 32-bit or a 64-bit edition of Windows<br/></h3>If you are not sure which version of Windows that you are running or whether it is a 32-bit version or 64-bit version, open System Information (Msinfo32.exe), and review the value that is listed for <strong class=\"uiterm\">System Type</strong>. To do this, follow these steps:<br/><ol class=\"sbody-num_list\"><li>Click <strong class=\"uiterm\">Start</strong>, and then click <strong class=\"uiterm\">Run</strong>, or click <strong class=\"uiterm\">Start Search</strong>. </li><li>Type <strong class=\"uiterm\">msinfo32.exe</strong> and then press ENTER. </li><li>In <strong class=\"uiterm\">System Information</strong>, review the value for <strong class=\"uiterm\">System Type</strong>.<br/><ul class=\"sbody-free_list\"><li>For 32-bit editions of Windows, the <strong class=\"uiterm\">System Type</strong> value is <strong class=\"uiterm\">x86-based PC</strong>. </li><li>For 64-bit editions of Windows, the <strong class=\"uiterm\">System Type</strong> value is <strong class=\"uiterm\">x64-based PC</strong>. </li></ul></li></ol><span>For more information about how to determine whether you are running a 32-bit or 64-bit edition of Windows, click the following article number to view the article in the Microsoft Knowledge Base:<br/><div class=\"indent\"><a href=\"https://support.microsoft.com/en-us/help/827218\" id=\"kb-link-27\">827218 </a>How to determine whether a computer is running a 32-bit version or a 64-bit version of the Windows operating system<br/></div></span></div></body></html>", "edition": 2, "cvss3": {}, "published": "2012-06-12T00:00:00", "type": "mskb", "title": "MS12-037: Cumulative Security Update for Internet Explorer: June 12, 2012", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1876", "CVE-2012-1875", "CVE-2012-1880", "CVE-2012-1872", "CVE-2012-1881", "CVE-2012-1858", "CVE-2012-1878", "CVE-2012-1523", "CVE-2012-1882", "CVE-2012-1879", "CVE-2012-1874", "CVE-2012-1873", "CVE-2012-1877"], "modified": "2012-07-11T22:57:36", "id": "KB2699988", "href": "https://support.microsoft.com/en-us/help/2699988/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}

Microsoft Lync/Office Communicator HTML代码过滤漏洞 (CVE-2012-1858) (MS12-039)

Description

Related