Intrusion PreventionMS.IE.SharePoint.toStaticHTML.XSS
Description
This indicates a possible attack against a cross-site-scripting vulnerability in Microsoft Internet Explorer and SharePoint.
The vulnerability is due to an error in the vulnerable software when handling the toStaticHTML API. An attacker may exploit this to gain sensitive information bysending a malicious web page.
Affected Products
Microsoft Internet Explorer 8
Microsoft Office InfoPath 2003 Service Pack 3
Microsoft Office InfoPath 2007 Service Pack 1 and Microsoft Office InfoPath 2007 Service Pack 2
Microsoft Office SharePoint Server 2007 Service Pack 1&2 (32-bit and 64-bit editions)
Microsoft Windows SharePoint Services 3.0 Service Pack 1 and Microsoft Windows SharePoint Services 3.0 Service Pack 2 (32-bit and 64-bit versions)
Impact
Information Disclosure
Recommended Actions
Refer to the vendor's advisory for updates:
http://www.microsoft.com/technet/security/bulletin/ms10-035.mspx
http://www.microsoft.com/technet/security/bulletin/ms10-039.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-11 | 16.995 |
| ID | 23316 |
| Created | Jun 09, 2010 |
| Updated | Jan 08, 2021 |
| Risk |
|
| CVE ID | CVE-2010-1257 |
| Exploit Prediction Score | 83.37% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IE |