CVE-2012-1858
Microsoft Lync 2010 and 2010 Attendee - Cross-Site Scripting via SafeHTML Component
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-1858. PoCs published by Adi Cohen.
AI-analyzed exploit summary This exploit demonstrates a bypass of the toStaticHTML sanitization function in Internet Explorer > 8, SharePoint, and Lync by crafting a malicious CSS string that confuses the filtering mechanism, allowing XSS via expression() in CSS.
Description
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka "HTML Sanitization Vulnerability."
Exploits (1)
This exploit demonstrates a bypass of the toStaticHTML sanitization function in Internet Explorer > 8, SharePoint, and Lync by crafting a malicious CSS string that confuses the filtering mechanism, allowing XSS via expression() in CSS.