Vulnerability Name:

CVE-2010-1257 (CCN-58866)

Assigned:2010-06-08
Published:2010-06-08
Updated:2021-07-23
Summary:Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2010-1257

Source: CCN
Type: SA40062
Microsoft Internet Explorer Multiple Vulnerabilities

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/css/P8/documents/100089747

Source: CCN
Type: Microsoft Security Bulletin MS11-099
Cumulative Security Update for Internet Explorer (2618444)

Source: CCN
Type: Microsoft Security Bulletin MS12-010
Cumulative Security Update for Internet Explorer (2647516)

Source: CCN
Type: Microsoft Security Bulletin MS12-023
Cumulative Security Update for Internet Explorer (2675157)

Source: CCN
Type: Microsoft Security Bulletin MS12-037
Cumulative Security Update for Internet Explorer (2699988)

Source: CCN
Type: Microsoft Security Bulletin MS12-044
Cumulative Security Update for Internet Explorer (2719177)

Source: CCN
Type: Microsoft Security Bulletin MS12-052
Cumulative Security Update for Internet Explorer (2722913)

Source: CCN
Type: Microsoft Security Bulletin MS10-035
Cumulative Security Update for Internet Explorer (982381)

Source: CCN
Type: Microsoft Security Bulletin MS10-039
Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)

Source: CCN
Type: Microsoft Security Bulletin MS10-053
Cumulative Security Update for Internet Explorer (2183461)

Source: CCN
Type: Microsoft Security Bulletin MS10-071
Cumulative Security Update for Internet Explorer (2360131)

Source: CCN
Type: Microsoft Security Bulletin MS10-072
Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)

Source: CCN
Type: Microsoft Security Bulletin MS10-090
Cumulative Security Update for Internet Explorer (2416400)

Source: CCN
Type: Microsoft Security Bulletin MS11-003
Cumulative Security Update for Internet Explorer (2482017)

Source: CCN
Type: Microsoft Security Bulletin MS11-018
Cumulative Security Update for Internet Explorer (2497640)

Source: CCN
Type: Microsoft Security Bulletin MS11-050
Cumulative Security Update for Internet Explorer (2530548)

Source: CCN
Type: Microsoft Security Bulletin MS11-057
Cumulative Security Update for Internet Explorer (2559049)

Source: CCN
Type: Microsoft Security Bulletin MS11-081
Cumulative Security Update for Internet Explorer (2586448)

Source: BID
Type: UNKNOWN
40409

Source: CCN
Type: BID-40409
Internet Explorer and SharePoint 'toStaticHTML' Cross Domain Information Disclosure Vulnerability

Source: CCN
Type: BID-42467
Microsoft Internet Explorer 8 'toStaticHTML()' HTML Sanitization Bypass Weakness

Source: CERT
Type: US Government Resource
TA10-159B

Source: MS
Type: UNKNOWN
MS10-035

Source: MS
Type: UNKNOWN
MS10-039

Source: XF
Type: UNKNOWN
ie-tostatichtml-information-disclosure(58866)

Source: XF
Type: UNKNOWN
ie-tostatichtml-information-disclosure(58866)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6677

Vulnerable Configuration:Configuration 1:
  • cpe:/a:microsoft:office_infopath:2003:sp3:*:*:*:*:*:*
  • OR cpe:/a:microsoft:office_infopath:2007:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:office_infopath:2007:sp2:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:microsoft:sharepoint_server:2007:sp1:x32:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_server:2007:sp1:x64:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:microsoft:sharepoint_services:3.0:sp1:x64:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_services:3.0:sp1:x32:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_services:3.0:sp2:x64:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_services:3.0:sp2:x32:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:sharepoint_server:2007:sp1:x64:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_server:2007:sp1:x32:*:*:*:*:*
  • OR cpe:/a:microsoft:ie:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*
  • OR cpe:/a:microsoft:sharepoint_server:2007:sp2:x32:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_server:2007:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:*
  • OR cpe:/a:microsoft:office_infopath:2003:sp3:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*
  • OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:-:*:*:ultimate_n:*:x64:*
  • OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*
  • OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:6677
    V
    		toStaticHTML Information Disclosure Vulnerability
    2014-08-18
    BACK
    microsoft office infopath 2003 sp3
    microsoft office infopath 2007 sp1
    microsoft office infopath 2007 sp2
    microsoft sharepoint server 2007 sp1
    microsoft sharepoint server 2007 sp1
    microsoft sharepoint server 2007 sp2
    microsoft sharepoint server 2007 sp2
    microsoft sharepoint services 3.0 sp1
    microsoft sharepoint services 3.0 sp1
    microsoft sharepoint services 3.0 sp2
    microsoft sharepoint services 3.0 sp2
    microsoft internet explorer 8
    microsoft windows 2003 server * sp2
    microsoft windows 2003 server * sp2
    microsoft windows server 2008 * sp2
    microsoft windows server 2008 *
    microsoft windows xp * sp2
    microsoft windows vista - sp2
    microsoft windows vista * sp1
    microsoft windows vista * sp2
    microsoft windows server 2008 * sp2
    microsoft windows 7 -
    microsoft windows vista - sp1
    microsoft windows vista * sp2
    microsoft windows server 2008 r2
    microsoft windows server 2008 r2
    microsoft windows xp - sp2
    microsoft windows vista * sp1
    microsoft windows server 2008 *
    microsoft windows xp * sp3
    microsoft sharepoint server 2007 sp1
    microsoft sharepoint server 2007 sp1
    microsoft ie 8.0
    microsoft windows server 2008 -
    microsoft sharepoint server 2007 sp2
    microsoft sharepoint server 2007 sp2
    microsoft windows server 2008
    microsoft office infopath 2003 sp3
    microsoft windows xp sp2
    microsoft windows server_2003 sp2
    microsoft windows server_2003 sp2
    microsoft windows xp sp2
    microsoft windows vista - sp1
    microsoft windows vista - sp1
    microsoft windows server 2008 -
    microsoft windows server 2008 -
    microsoft windows xp sp3
    microsoft windows vista - sp2
    microsoft windows vista - sp2
    microsoft windows server 2008 sp2
    microsoft windows server 2008 sp2
    microsoft windows 7 -
    microsoft windows 7 -
    microsoft windows server 2008 - r2
    microsoft windows server 2008 r2