MS.SharePoint.Server.Remote.XSS

Release Date Dec 24, 2011
Severity medium
Impact System compromise: Execution of arbitrary script code on the system.
Description This indicates a possible exploit of a Cross Site Scripting (XSS) vulnerability in Microsoft SharePoint. This vulnerability is due to the lack of string-stripping when putting the path into javascript. As a result, a remote attacker can exploit this to execute arbitrary code within the context of the application
Affected Products Microsoft SharePoint Server 2007
Recommended Actions Currently we are not aware of any vendor supplied patches for this issue.
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2007-2581
Reference/s http://www.securityfocus.com/bid/23832 (BugTraq) http://technet.microsoft.com/en-us/security/bulletin/ms07-059.mspx (MS-ID)

Fortinet