![Trend Micro Security](https://www.trendmicro.com/content/dam/trendmicro/global/en/global/logo/logo-desktop.png)
MS12-061:Visual Studio Team Foundation Server の脆弱性により、特権が昇格される (2719584)
2012年9月12日
危険度: : 高
CVE識別番号: CVE-2012-1892
概要
This patch resolves a cross-site scripting (XSS) vulnerability found in Visual Studio Team Foundation Server. When exploited, an attacker can use the vulnerability to inject a script to a browser using Team Foundation Server web access. Attackers looking to exploit this vulnerability may set up a page where it hosts the exploit code and entice users to click on a link that redirects to the page.
Internet Explorer 8 and 9 users must enable the XSS Filter feature to be actively protected against attacks using this vulnerability.
トレンドマイクロの対策
詳しい情報については以下のサイトをご参照ください。
影響を受けるソフトウェア
- Microsoft Visual Studio Team Foundation Server 2010 Service Pack 1