Internet Explorer and SharePoint 'toStaticHTML' Cross Domain Information Disclosure Vulnerability

Bugtraq ID: 40409
Class: Origin Validation Error
CVE: CVE-2010-1257
Remote: Yes
Local: No
Published: Jun 08 2010 12:00AM
Updated: Jun 10 2010 07:09PM
Credit: Chris Weber of Casaba Security
Vulnerable: Microsoft SharePoint Services 64-bit 3.0 SP2
Microsoft SharePoint Services 64-bit 3.0 SP1
Microsoft SharePoint Services 64-bit 3.0
Microsoft SharePoint Services 3.0 SP2
Microsoft SharePoint Services 3.0 SP1
Microsoft SharePoint Server 2007 x64 SP2
Microsoft SharePoint Server 2007 x64 SP1
Microsoft SharePoint Server 2007 x64 0
Microsoft SharePoint Server 2007 SP2
Microsoft SharePoint Server 2007 SP1
Microsoft SharePoint Server 2007 0
Microsoft Internet Explorer 8
Microsoft InfoPath 2007 SP2
Microsoft InfoPath 2007 SP1
Microsoft InfoPath 2007 0
Microsoft InfoPath 2003 SP3
+ Microsoft Office 2003 SP1
 Microsoft InfoPath 2003 SP1
+ Microsoft Office 2003 SP1
 Microsoft InfoPath 2003
+ Microsoft Office 2003 0
 Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 5
Avaya Messaging Application Server 4
Avaya Messaging Application Server 0
Avaya Meeting Exchange - Webportal 0
Avaya Meeting Exchange - Web Conferencing Server 0
Avaya Meeting Exchange - Streaming Server 0
Avaya Meeting Exchange - Recording Server 0
Avaya Meeting Exchange - Client Registration Server 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus