Detections
Analytics
DTOO168 - InfoPath - Disabling sending form templates with the email forms must be configured.
Information
InfoPath allows users to attach form templates when sending e-mail forms. If users are able to open form templates included with e-mail forms, rather than using a cached version that is previously published, an attacker could send a malicious form template with the e-mail form in an attempt to gain access to sensitive information.Note: The form template is only opened directly if the form opens with a restricted security level. Otherwise the attachment is actually a link to the published location.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2010 -> InfoPath e-mail forms 'Disable sending form template with e-mail forms' to 'Enabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_InfoPath_2010_V1R12_STIG.zip
Item Details
Audit Name: DISA STIG Office 2010 InfoPath v1r12
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-18(4), CAT|II, CCI|CCI-001170, Rule-ID|SV-33639r1_rule, STIG-ID|DTOO168, Vuln-ID|V-17667
Plugin: Windows
Control ID: d2c371f963bb216c89165af50e9c0093fb2f6605a651611c8d2adc44d9b290a4