Cross-site scripting (XSS) vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. NOTE: this can be leveraged with CVE-2010-1885 to execute arbitrary commands without user interaction.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
| Link | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/578319 | third party advisory us government resource |
| http://www.securityfocus.com/archive/1/511774/100/0/threaded | mailing list |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/59267 | vdb entry |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html | mailing list exploit |
| http://www.microsoft.com/technet/security/advisory/2219475.mspx | vendor advisory |
| http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx | vendor advisory |
| http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx | vendor advisory |
| http://www.securityfocus.com/bid/40721 | vdb entry exploit |
| http://www.vupen.com/english/advisories/2010/1417 | vdb entry vendor advisory |
| http://secunia.com/advisories/40076 | third party advisory vendor advisory |