Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2012-1859
HistoryJul 10, 2012 - 9:55 p.m.

CVE-2012-1859

2012-07-1021:55:05
CWE-79
microsoft
web.nvd.nist.gov
117
xss
vulnerability
microsoft
sharepoint
server
2010
gold
sp1
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.849

Percentile

98.6%

JSON

Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka “XSS scriptresx.ashx Vulnerability.”

Affected configurations

Nvd
Node
microsoftoffice_web_appsMatch2010
OR
microsoftoffice_web_appsMatch2010sp1
OR
microsoftsharepoint_foundationMatch2010
OR
microsoftsharepoint_foundationMatch2010sp1
OR
microsoftsharepoint_serverMatch2010
OR
microsoftsharepoint_serverMatch2010sp1
VendorProductVersionCPE
microsoftoffice_web_apps2010cpe:2.3:a:microsoft:office_web_apps:2010:*:*:*:*:*:*:*
microsoftoffice_web_apps2010cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*
microsoftsharepoint_foundation2010cpe:2.3:a:microsoft:sharepoint_foundation:2010:*:*:*:*:*:*:*
microsoftsharepoint_foundation2010cpe:2.3:a:microsoft:sharepoint_foundation:2010:sp1:*:*:*:*:*:*
microsoftsharepoint_server2010cpe:2.3:a:microsoft:sharepoint_server:2010:*:*:*:*:*:*:*
microsoftsharepoint_server2010cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*

Related

cvelist 1
checkpoint_advisories 1
prion 1
nvd 1
seebug 1
securityvulns 1
nessus 1
openvas 1
mskb 1
cvelist
cvelist
CVE-2012-1859
2012-07-10 21:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft SharePoint XSS scriptresx.ashx Elevation of Privilege (MS12-050; CVE-2012-1859)
2012-07-10 00:00:00
prion
prion
Cross site scripting
2012-07-10 21:55:00
nvd
nvd
CVE-2012-1859
2012-07-10 21:55:05
seebug
seebug
Microsoft SharePoint 'scriptresx.ashx'跨站脚本漏洞
2012-07-11 00:00:00
securityvulns
securityvulns
Microsoft Sharepoint multiple security vulnerabilities
2012-07-11 00:00:00
nessus
nessus
MS12-050: Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)
2012-07-11 00:00:00
openvas
openvas
Microsoft SharePoint Multiple Privilege Elevation Vulnerabilities (2695502)
2012-07-11 00:00:00
mskb
mskb
MS12-050: Vulnerabilities in SharePoint could allow elevation of privilege: July 10, 2012
2012-07-10 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.849

Percentile

98.6%

JSON
Related for CVE-2012-1859
cvelist1checkpoint_advisories1prion1nvd1seebug1securityvulns1nessus1openvas1mskb1