Microsoft SharePoint CVE-2012-1861 HTML Injection Vulnerability


### Description

Microsoft SharePoint is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.

### Technologies Affected

* Microsoft InfoPath 2007 SP2
* Microsoft InfoPath 2007 SP3
* Microsoft InfoPath 2010
* Microsoft InfoPath 2010 SP1 (32-bit editions)
* Microsoft InfoPath 2010 SP1 (64-bit editions)
* Microsoft SharePoint Foundation 2010
* Microsoft SharePoint Foundation 2010 SP1
* Microsoft SharePoint Server 2010 SP1
* Microsoft SharePoint Server 2010 Standard Edition

### Recommendations

**Block external access at the network boundary, unless external parties require service.** Filter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

**Run all software as a nonprivileged user with minimal access rights.** Attackers may successfully exploit client flaws in the browser through cross-site scripting vulnerabilities. When possible, run client software as regular user accounts with limited access to system resources. This may limit the immediate consequences of client-side vulnerabilities.

**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** Deploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review logs regularly.

**Set web browser security to disable the execution of script code or active content.** Since exploiting cross-site scripting issues often requires malicious script code to run in browsers, consider disabling script code and active content support within a client browser as a way to prevent a successful exploit. Note that this mitigation tactic might adversely affect legitimate sites that rely on the execution of browser-based script code.

Vendor updates are available. Please see the references for more information.

Affected Software

CPE Name Name Version
microsoft infopath 2010 SP1 (64-bit editions)
microsoft infopath 2010
microsoft infopath 2007 SP2
microsoft infopath 2007 SP3
microsoft sharepoint server 2010 SP1
microsoft infopath 2010 SP1 (32-bit editions)
microsoft sharepoint foundation 2010
microsoft sharepoint server 2010 Standard Edition
microsoft sharepoint foundation 2010 SP1