MS.Anti.XSS.Library.Bypass.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure vulnerability in Microsoft Anti-Cross Site Scripting Library.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can execute arbitrary script code within the context of the application, allowing them to gain unauthorized access to sensitive information for further attacks.
Affected Products
Microsoft Anti-Cross Site Scripting Library V3.1 and earlier versions
Microsoft Anti-Cross Site Scripting Library V4.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.microsoft.com/technet/security/Bulletin/MS12-007.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |