A cross-site scripting vulnerability exists in a server running a vulnerable version of the .Net Framework 2.0 that could inject a client side script in the user's browser. The script could spoof content, disclose information, or take any action that the user could take on the affected web site.
Microsoft has released a patch to correct this issue, you can download it from the following web site: http://www.microsoft.com/technet/security/Bulletin/MS06-056.mspx
- Microsoft Group Policy Preferences Privilege Elevation Vulnerability (2962486)
- Microsoft System Center Configuration Manager XSS Vulnerability (2741528)
- Buffer Overflow in Windows Troubleshooter ActiveX Control (826232)
- Microsoft Lync Server Remote Denial of Service Vulnerability (2990928)
- Microsoft Graphics Component Information Disclosure Vulnerability (3029944)