Oval Definition:	oval:org.mitre.oval:def:7468
Revision Date: 2013-11-11 Version: 12 Title: Help.aspx XSS Vulnerability Description: Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2010-0817 Platform(s): Microsoft Windows Server 2003 Product(s): Microsoft Windows SharePoint Services 3.0 Definition Synopsis Windows Server 2003 32-bit or Windows Server 2003 64-bit Microsoft Windows Server 2003 (32-bit) is installed OR Microsoft Windows Server 2003 (x64) is installed AND Microsoft Windows SharePoint Services 3.0 are installed AND the version of Onetutil.dll is less than 12.0.6535.5003
BACK