Microsoft Products HTML Sanitisation Component Cross-Site Scripting Vulnerability


Description   A vulnerability has been reported in multiple Microsoft Products, which can be exploited by malicious people to conduct cross-site scripting attacks.
Certain unspecified input passed to the HTML Sanitization component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
     
Vulnerable Products   Vulnerable Software:
Microsoft Groove Server 2010Microsoft InfoPath 2010Microsoft Office Web AppsMicrosoft SharePoint Foundation 2010Microsoft SharePoint Server 2010
     
Solution   Apply updates.Microsoft InfoPath 2010 Service Pack 1 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=63f6a338-a195-4923-908e-8c21713c7373Microsoft InfoPath 2010 Service Pack 1 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=f1cd73d2-411b-4a58-b8c0-04fd58922daeMicrosoft InfoPath 2010 Service Pack 1 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=ae2069d0-55b5-4dfe-9131-41888d6bbec3Microsoft InfoPath 2010 Service Pack 1 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=f206071a-4502-432a-9e5b-50bb4e3f1757Microsoft SharePoint Server 2010 Service Pack 1 (wosrv): http://www.microsoft.com/downloads/details.aspx?familyid=6c7d007f-5c8d-464c-af04-4e7800a2e2a6Microsoft SharePoint Server 2010 Service Pack 1 (coreserver): http://www.microsoft.com/downloads/details.aspx?familyid=c59c0d25-8d6c-4dda-a06b-e42891a9ddaeMicrosoft Groove Server 2010 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=d63ee461-b823-4eb1-9e6d-82f380627fb5Microsoft SharePoint Foundation 2010 Service Pack 1: http://www.microsoft.com/downloads/details.aspx?familyid=ac805c46-8661-4e99-84da-c395dc05beb0
     
CVE   CVE-2013-1289
     
References   MS13-035 (KB2687421
KB2687422
KB2687424
KB2760406
KB2760408
KB2760777
KB2810059
KB2821818):
https://technet.microsoft.com/en-us/security/bulletin/ms13-035
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'meta' tag found in URL
3.2.0
XSS - Prevention - POST : suspicious tag with event found in data
3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL
3.2.0
XSS - Prevention - POST : suspicious 'meta' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'object' tag found in data
3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL
3.2.0
XSS - Prevention - POST : suspicious 'applet' tag found in data
3.2.0
XSS - Prevention - POST : 'location' javascript object found in data
3.2.0
XSS - Phishing : suspicious 'div' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL
3.2.0
XSS - Prevention - POST : javascript code found in data
3.2.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data
3.2.0
XSS - Prevention - GET : suspicious 'img' tag found in URL
3.2.0
XSS - Prevention - POST : code allowing cookie access found in data
3.2.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
3.2.0
XSS - Phishing : suspicious 'a' tag found in URL
3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL
3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL
3.2.0
XSS - Phishing : suspicious 'form' tag found in URL
3.2.0
XSS - Prevention - POST : suspicious 'embed' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data
3.2.0
XSS - Prevention - GET : javascript code found in URL
3.2.0
XSS - Prevention - POST : suspicious 'div' tag found in data
3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL
3.2.0
XSS - Phishing : suspicious 'link' tag found in URL
3.2.0
XSS - Prevention - GET : 'script' tag found in URL
3.2.0
XSS - Prevention - POST : 'script' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'style' attribute found in data
3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL
3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL
3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data
5.0.0
XSS - Prevention - POST : javascript code found in data
5.0.0
XSS - Prevention - POST : suspicious tag with event found in data
5.0.0
XSS - Prevention - POST : suspicious 'embed' tag found in data
5.0.0
XSS - Prevention - POST : 'location' javascript object found in data
5.0.0
XSS - Prevention - POST : code allowing cookie access found in data
5.0.0
SQL injection Prevention - GET : Evasion attempt with CAST and EXEC statements
5.0.0
XSS - Prevention - POST : 'script' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'style' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'applet' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'div' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'meta' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'object' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data
5.0.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2013-04-09 

 Target Type 
Server 

 Possible exploit 
Remote