Signature Detail

HTTP: FrontPage Server Extensions XSS

This signature detects HTTP POST requests to a Microsoft FrontPage Server containing script elements. A successful attack can lead to information disclosure or execution of arbitrary code.

Extended Description

Microsoft FrontPage Server Extensions are prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before it is rendered to other users. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user, with the privileges of the victim user’s account. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Affected Products

• Microsoft FrontPage Server Extensions 2002
• Microsoft SharePoint Team Services 2002
• Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
• Microsoft Windows Server 2003 Datacenter Edition Itanium
• Microsoft Windows Server 2003 Enterprise Edition SP1
• Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
• Microsoft Windows Server 2003 Enterprise Edition Itanium
• Microsoft Windows Server 2003 Enterprise x64 Edition
• Microsoft Windows Server 2003 Standard Edition SP1
• Microsoft Windows Server 2003 Standard x64 Edition
• Microsoft Windows XP Home SP2
• Microsoft Windows XP Professional SP2
• Microsoft Windows XP Professional
• Microsoft Windows XP Professional x64 Edition

References

• BugTraq: 17452
• CVE: CVE-2006-0015
• URL: http://msdn.microsoft.com/library/?url=/library/en-us/dnservext02/fpse2002ovrw.asp