New Search

FPSE XSS Vulnerability

oval:org.mitre.oval:def:1748

Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML then leverage the attack to execute arbitrary programs or create new accounts via the (1) operation (2) command and (3) name parameters.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2006-0015
Product(s):
  • Microsoft FrontPage Server Extensions 2002