MS12-007: Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)
Medium Nessus Plugin ID 57475
SynopsisA library is installed on the remote host that is affected by an information disclosure vulnerability.
DescriptionThe remote Windows host is running a version of the Anti-Cross-Site Scripting Library (AntiXSS) that is affected by an information disclosure vulnerability.
An attacker could gain access to sensitive information if he could pass a malicious script to a website using the sanitization function of the Anti-Cross-Site Scripting Library.
SolutionMicrosoft has released a new version of the AntiXSS Library.