Posted by: Dan O'Connor
cve-2010-0817, sharepoint, xss
There is a privilege escalation vulnerability in MS SharePoint. There is a mitigation for IE 8 users: you can enable an XSS filter (see the links). There is also a workaround: if you ACL the help.aspx file, you won't be able to view the help for the site, but it is supposed to stop the attack.
Here are the suggested actions from MS.
Customers can mitigate the impact to systems running Microsoft Windows SharePoint Services 3.0 or Microsoft Office SharePoint Server 2007 by applying the following workarounds.
Workaround refers to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:
• Restrict Access to SharePoint Help.aspx
An administrator can apply an access control list to SharePoint Help.aspx to ensure that they can no longer be loaded. This effectively prevents exploitation of the vulnerability using this attack vector.
To restrict access to the vulnerable Help.aspx:
Impact of workaround. This workaround will disable all help functionality from the SharePoint server.
How to undo the workaround.