This is a scripting vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The vulnerability could allow an attacker to run arbitrary script that can result in elevation of privilege within the SharePoint site, as opposed to elevation of privilege within the workstation or server environment. The vulnerability could also allow an attacker to run arbitrary script to modify a user s cache, resulting in information disclosure at the workstation. However, user interaction is required to exploit this vulnerabilitySecuriTeam - Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Elevation of Privilege (MS07-059)
Blogged with the Flock Browser
