Threat Encyclopedia

MS.Remote.Desktop.Web.Access.XSS

description-logoDescription

This indicates a possible exploit of a Cross Site Scripting (XSS) vulnerability in Microsoft Remote Desktop Web Access.
The vulnerability is due to the insufficient sanitization of input parameters. It may allow remote attackers to execute arbitrary commands in the context of the target user.

affected-products-logoAffected Products

Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems SP1

Impact

System compromise: Remote attackers can execute arbitrary commands.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workground.
http://www.microsoft.com/technet/security/Bulletin/ms11-061.mspx

CVE References

CVE-2011-1263