Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2011-1252

Published: 16/06/2011 Updated: 07/12/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Microsoft

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote malicious users to inject arbitrary web script or HTML via unspecified strings, aka "toStaticHTML Information Disclosure Vulnerability" or "HTML Sanitization Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet_explorer 7

microsoft internet_explorer 8

Exploits

Exploit DB: Microsoft Internet Explorer toStaticHTML Information Disclosure
Microsoft Internet Explorer versions 8 and 9 can have the toStaticHTML function bypassed by a specially formed CSS ...

Recent Articles

Patch Tuesday June 2011
Securelist • Kurt Baumgartner • 14 Jun 2011

This month’s patch Tuesday is a sizable one by any standards, following the quiet Tuesday that my colleague Roel Schouwenberg described last month. Microsoft is patching a total of 34 vulnerabilities in 16 bulletins, MS11-038 through MS11-051. At least eight different Microsoft product lines are updated, and Adobe is coordinating release of Reader, Acrobat, Shockwave and Flash updates as well today. So we are looking at patching the following programs: Microsoft Windows, Microsoft Office, Inte...

Read more...

References

CWE-79http://www.us-cert.gov/cas/techalerts/TA11-256A.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12885https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12577https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-074https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050https://nvd.nist.govhttps://packetstormsecurity.com/files/103241/Microsoft-Internet-Explorer-toStaticHTML-Information-Disclosure.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook