Microsoft SharePoint up to 2010 SP1 scriptesx.ashx cross site scripting

VulDB: Microsoft SharePoint up to 2010 SP1 scriptesx.ashx cross site scripting

General

Microsoft

scipID: 5644
Affected: Microsoft SharePoint up to 2010 SP1
Published: 07/10/2012
Risk: problematic
Entry: 90.3% complete
Created: 07/11/2012
Updated: 09/03/2012

Summary

A vulnerability has been found in Microsoft SharePoint up to 2010 SP1 and classified as problematic. This vulnerability affects an unknown function of the file scriptesx.ashx. The manipulation with an unknown input leads to a cross site scripting vulnerability. As an impact it is known to affect confidentiality, integrity, and availability.

The weakness was shared 07/10/2012 as MS12-050 as bulletin (Microsoft Technet). The advisory is shared for download at technet.microsoft.com. The vendor cooperated in the coordination of the public release. This vulnerability was named CVE-2012-1859 since 03/22/2012. The exploitability is told to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details and also a private exploit are known.

By approaching the search of inurl:scriptesx.ashx it is possible to find vulnerable targets with Google Hacking.

Applying the patch MS12-050 is able to eliminate this problem. The bugfix is ready for download at technet.microsoft.com. A possible mitigation has been published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (83650) and Secunia (SA49875).