Microsoft Internet Explorer And Microsoft Lync HTML Sanitizing Information Disclosure Vulnerability

Bugtraq ID: 53842
Class: Design Error
CVE: CVE-2012-1858
Remote: Yes
Local: No
Published: Jun 12 2012 12:00AM
Updated: Jul 11 2012 03:30PM
Credit: Adi Cohen of IBM Security Systems - Application Security
Vulnerable: Microsoft SharePoint Server 2010 Standard Edition 0
Microsoft SharePoint Server 2010 Enterprise Edition 0
Microsoft SharePoint Server 2010 SP1
Microsoft SharePoint Foundation 2010 SP1
Microsoft SharePoint Foundation 2010 0
Microsoft Office Web Apps 2010 SP1
Microsoft Office Web Apps 2010 0
Microsoft Office Communicator 2007 R2
Microsoft Lync 2010 Attendee 0
Microsoft Lync 2010 0
Microsoft Internet Explorer 9
+ Microsoft Windows 7
+ Microsoft Windows 7 for 32-bit Systems SP1
+ Microsoft Windows 7 for 32-bit Systems 0
+ Microsoft Windows 7 for x64-based Systems SP1
+ Microsoft Windows 7 for x64-based Systems 0
+ Microsoft Windows 7 Home Premium - Sp1 X64
+ Microsoft Windows 7 Home Premium - Sp1 X32
+ Microsoft Windows Server 2008 R2
+ Microsoft Windows Server 2008 for 32-bit Systems SP2
+ Microsoft Windows Server 2008 for 32-bit Systems 0
+ Microsoft Windows Server 2008 for x64-based Systems SP2
+ Microsoft Windows Server 2008 for x64-based Systems 0
+ Microsoft Windows Server 2008 R2 for x64-based Systems SP1
+ Microsoft Windows Vista SP2
+ Microsoft Windows Vista SP1
+ Microsoft Windows Vista x64 Edition SP2
+ Microsoft Windows Vista x64 Edition SP1
+ Microsoft Windows Vista x64 Edition 0
Microsoft Internet Explorer 8
+ Microsoft Windows 7
+ Microsoft Windows 7 for 32-bit Systems SP1
+ Microsoft Windows 7 for 32-bit Systems 0
+ Microsoft Windows 7 for x64-based Systems SP1
+ Microsoft Windows 7 for x64-based Systems 0
+ Microsoft Windows 7 Home Premium 0
+ Microsoft Windows 7 Home Premium - Sp1 X64
+ Microsoft Windows 7 Home Premium - Sp1 X32
+ Microsoft Windows Server 2008 R2
+ Microsoft Windows Server 2003 Sp2 X64
+ Microsoft Windows Server 2003 SP2
+ Microsoft Windows Server 2003 Sp1 X64
+ Microsoft Windows Server 2003 SP1
+ Microsoft Windows Server 2008 R2 SP1
+ Microsoft Windows Server 2008 for x64-based Systems SP2
+ Microsoft Windows Server 2008 R2 x64 SP1
+ Microsoft Windows Server 2008 R2 x64 0
+ Microsoft Windows Server 2008 Standard Edition X64
+ Microsoft Windows Server 2008 Standard Edition SP2
+ Microsoft Windows Server 2008 Standard Edition 0
+ Microsoft Windows Server 2008 Standard Edition - Sp2 Web
+ Microsoft Windows Vista SP2
+ Microsoft Windows Vista SP1
+ Microsoft Windows Vista Home Premium SP2
+ Microsoft Windows Vista Home Premium SP1
+ Microsoft Windows Vista Home Premium
+ Microsoft Windows Vista Home Basic SP2
+ Microsoft Windows Vista Home Basic SP1
+ Microsoft Windows Vista Home Basic
+ Microsoft Windows Vista Enterprise SP2
+ Microsoft Windows Vista Enterprise SP1
+ Microsoft Windows Vista Enterprise
+ Microsoft Windows Vista Business SP2
+ Microsoft Windows Vista Business SP1
+ Microsoft Windows Vista 0
+ Microsoft Windows Vista Business 64-bit edition SP2
+ Microsoft Windows Vista Business 64-bit edition SP1
+ Microsoft Windows Vista Business 64-bit edition 0
+ Microsoft Windows Vista Enterprise 64-bit edition SP2
+ Microsoft Windows Vista Enterprise 64-bit edition SP1
+ Microsoft Windows Vista Enterprise 64-bit edition 0
+ Microsoft Windows Vista Home Basic 64-bit edition Sp2 X64
+ Microsoft Windows Vista Home Basic 64-bit edition SP2
+ Microsoft Windows Vista Home Basic 64-bit edition SP1
+ Microsoft Windows Vista Home Basic 64-bit edition 0
+ Microsoft Windows Vista Home Premium 64-bit edition SP2
+ Microsoft Windows Vista Home Premium 64-bit edition SP1
+ Microsoft Windows Vista Home Premium 64-bit edition 0
+ Microsoft Windows XP 0
+ Microsoft Windows XP Embedded SP3
+ Microsoft Windows XP Embedded SP2
+ Microsoft Windows XP Embedded SP1
+ Microsoft Windows XP Embedded
+ Microsoft Windows XP Home SP3
+ Microsoft Windows XP Home SP2
+ Microsoft Windows XP Home SP1
+ Microsoft Windows XP Home
+ Microsoft Windows XP Media Center Edition SP3
+ Microsoft Windows XP Media Center Edition SP2
+ Microsoft Windows XP Media Center Edition SP1
+ Microsoft Windows XP Professional SP3
+ Microsoft Windows XP Professional SP2
+ Microsoft Windows XP Professional SP1
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional x64 Edition SP2
+ Microsoft Windows XP Professional x64 Edition
Microsoft InfoPath 2007 SP2
Microsoft Groove Server 2010 SP1
Microsoft Groove Server 2010 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus