Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Vulnerability in Microsoft FrontPage Server Extensions, Vulnerabilidad en las Extensiones de servidor de Microsoft FrontPage|
It is a moderate vulnerability in FrontPage Server Extensions 2002 and SharePoint Team Services 2002 on Windows 2003/XP/2000 computers, which allows cross-site scripting attacks to be carried out.
|First detected on:||April 12, 2006|
|Detection updated on:||April 12, 2006|
MS06-017 is not categorized as virus, worm, Trojan or backdoor. It is a moderate vulnerability in FrontPage Server Extensions 2002 (or SharePoint Team Services 2002) installed on Windows 2003/XP/2000 computers. The vulnerability allows cross-site scripting attacks to be carried out.
If exploited successfully, MS06-017 allows hackers to gain remote control of the affected FrontPage or SharePoint server with the same privileges as the logged on user. If this user had administrator rights, the hacker could take complete control of the system: create, modify or delete files, install programs, create new user accounts, etc.
This vulnerability is usually exploited by creating a malicious email message and sending it to the user of a server that is running an affected software application. It can also be exploited by enticing users into accessing a malicious web page.
If you have a Windows 2003/XP/2000 computer running FrontPage Server Extensions 2002 or SharePoint Team Services 2002, it is recommendable to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.