This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote host has multiple vulnerabilities.
The remote Windows host is running a version of InfoPath, SharePoint
Server, or SharePoint Services with the following vulnerabilities :
- A cross-site scripting vulnerability in Help.aspx.
- An information disclosure vulnerability in the
toStaticHTML() API. (CVE-2010-1257)
- A denial of service vulnerability, triggered by sending
specially crafted requests to the help page.
See also :
Microsoft has released a set of patches for InfoPath 2003, InfoPath
2007, SharePoint Server 2007, and SharePoint Services 3.0.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true