
Microsoft SharePoint Multiple Vulnerabilities (09 June 2010)

Last Update Date: 28 Jan 2011
Release Date: 9 Jun 2010

RISK: Medium Risk

1. Help.aspx XSS Vulnerability

A cross-site scripting and spoofing vulnerability exists in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007 that could allow an attacker to convince a user to run a malicious script. An attacker who successfully exploited the vulnerability could modify Web browser caches and intermediate proxy server caches. Additionally, an attacker could put spoofed content into those caches. An attacker may also be able to exploit the vulnerability to perform cross-site scripting attacks.

2. toStaticHTML Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way that the SharePoint toStaticHTML API sanitizes HTML, which could allow an attacker to perform cross-site scripting attacks and run script in the security context of the logged-on user.

3. SharePoint Help Page Denial of Service Vulnerability

A denial of service vulnerability exists in the way that Microsoft SharePoint handles specially crafted requests to the help page. An attacker could exploit the vulnerability by sending specially crafted packets to the targeted SharePoint server, which could cause the Web server to become non-responsive until the associated application pool is restarted.