SID 1:16658

Report a false positive

Rule Category

N/A

Alert Message

No information provided

Rule Explanation

Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization. Impact: CVSS base score 4.3 CVSS impact score 2.9 CVSS exploitability score 8.6 confidentialityImpact NONE integrityImpact PARTIAL availabilityImpact PARTIAL Details: Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2010-1257

Additional Links

technet.microsoft.com/en-us/security/bulletin/MS10-035

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2010-1257
 Loading description