MS10-039: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)

medium Nessus Plugin ID 46846

Synopsis

The remote host has multiple vulnerabilities.

Description

The remote Windows host is running a version of InfoPath, SharePoint Server, or SharePoint Services with the following vulnerabilities :

- A cross-site scripting vulnerability in Help.aspx.
(CVE-2010-0817)

- An information disclosure vulnerability in the toStaticHTML() API. (CVE-2010-1257)

- A denial of service vulnerability, triggered by sending specially crafted requests to the help page.
(CVE-2010-1264)

Solution

Microsoft has released a set of patches for InfoPath 2003, InfoPath 2007, SharePoint Server 2007, and SharePoint Services 3.0.

See Also

https://www.nessus.org/u?6b560bdb

Plugin Details

Severity: Medium

ID: 46846

File Name: smb_nt_ms10-039.nasl

Version: 1.28

Type: local

Agent: windows

Published: 6/9/2010

Updated: 8/5/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:infopath, cpe:/a:microsoft:sharepoint_server, cpe:/a:microsoft:sharepoint_services

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/8/2010

Vulnerability Publication Date: 4/28/2010

Exploitable With

Core Impact

Reference Information

CVE: CVE-2010-0817, CVE-2010-1257, CVE-2010-1264

BID: 39776, 40409, 40559

IAVA: 2010-A-0079-S

MSFT: MS10-039

MSKB: 979441, 979445, 980923, 983444