{"vuid":"VU#108884","idnumber":"108884","name":"Microsoft Indexing Services vulnerable to cross-site scripting","keywords":["Microsoft","Indexing Services","cross-site scripting","xss","ms06-sep"],"overview":"Microsoft's Indexing Service does not properly validate queries. This vulnerability may allow an attacker to run client-side scripts on behalf of a user.","clean_desc":"Microsoft's Indexing Service allows users to quickly search computers and networks. This service can be used in combination with Internet Information Services (IIS) to enable IIS as a Web-based interface for the Indexing Service. A cross-site scripting vulnerability on systems running the Indexing Service may allow an attacker to run a malicious script. This script could take any action on the user's computer that the vulnerable web site is legitimately authorized to take. For more information on cross-site scripting, see the CERT Cross-Site Scripting Vulnerabilities document. Note that both IIS and the Indexing Service need to be installed and running for a system to be vulnerable.","impact":"If an attacker can trick or entice a user to follow a link, the attacker can execute script as the victim in the context of the zone in which the vulnerable server resides.","resolution":"Upgrade\nMicrosoft has released an update to address this issue.","workarounds":"Disable or remove the Indexing Service\nIf the indexing service is not needed, disable or remove it. Microsoft has provided instructions on how to do this in Security Bulletin MS06-053.","sysaffected":"","thanks":"Thanks to Microsoft for supplying information on this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://www.microsoft.com/technet/security/bulletin/ms06-053.mspx","http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/snap_idx_srv_mgmt.mspx?mfr=true","http://www.cert.org/archive/pdf/cross_site_scripting.pdf"],"cveids":["CVE-2006-0032"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-09-12T16:51:31Z","publicdate":"2006-09-12T00:00:00Z","datefirstpublished":"2006-09-12T20:10:55Z","dateupdated":"2006-09-15T20:36:33Z","revision":24,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"2","cam_widelyknown":"17","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"16","cam_impact":"8","cam_easeofexploitation":"3","cam_attackeraccessrequired":"7","cam_scorecurrent":"1.0584","cam_scorecurrentwidelyknown":"1.2096","cam_scorecurrentwidelyknownexploited":"2.2176","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.0584,"vulnote":null}