PCWorks: Microsoft FrontPage Server Extensions Cross-Site Scripting

Thread: PCWorks: Microsoft FrontPage Server Extensions Cross-Site Scripting

Search this list only Search all lists
PCWorks: Microsoft FrontPage Server Extensions Cross-Site Scripting
	2006-04-12 07:02:29
TITLE: Microsoft FrontPage Server Extensions Cross-Site Scripting SECUNIA ADVISORY ID: SA19623 VERIFY ADVISORY: http://secunia.c om/advisories/19623/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Microsoft FrontPage Server Extensions 2002 http://secunia.com/p roduct/6314/ Microsoft SharePoint Team Services http://secunia.com/p roduct/1529/ DESCRIPTION: A vulnerability has been reported in Microsoft FrontPage Server Extensions, which can be exploited by malicious people to conduct cross-site scripting attacks. Unspecified input is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site. SOLUTION: Apply patches. FrontPage Server Extensions 2002 (Windows Server 2003 and Windows Server 2003 SP1): http://www.microsof t.com/downloads/details.aspx?FamilyId=5C03F85A-5228-47FB-A33 8-90FA23818E08 FrontPage Server Extensions 2002 (Windows Server 2003 for Itanium-based systems and Windows Server 2003 with SP1 for Itanium-based systems): http://www.microsof t.com/downloads/details.aspx?FamilyId=59F15A6B-CC1B-43D5-A00 7-BFC9ABB63486 FrontPage Server Extensions 2002 (x64 Edition) downloaded and installed on Windows Server 2003 x64 Edition and Windows XP Pro x64 Edition: http://www.microsof t.com/downloads/details.aspx?FamilyId=F453530D-7063-49AB-B30 4-9C455DE6D8DA FrontPage Server Extensions 2002 (x86 Editions) downloaded and installed on Windows Server 2000 SP4, Windows XP SP1, and Windows XP SP2: http://www.microsof t.com/downloads/details.aspx?FamilyId=F453530D-7063-49AB-B30 4-9C455DE6D8DA Microsoft SharePoint Team Services: http://www.microsof t.com/downloads/details.aspx?FamilyId=EEE40662-39E6-4C07-824 1-1AC4F5D24FFC ORIGINAL ADVISORY: MS06-017 (KB917627): http://www.microsoft.com/technet/security/Bullet in/MS06-017.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/r ules.htm Contact list owner <owner-pcworksimagicomm.com> Unsubscribing and other changes: http://pcworkers.com =====================================================

[1]

about | contact Other archives ( Real Estate discussion Medical topics )