This host is missing a critical security update according to Microsoft Bulletin MS10-039.
Successful exploitation could allow attackers to attackers to gain knowledge of sensitive information or cause a denial of service. Impact Level: System/Application
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms10-039.mspx
The flaws are due to, - An error within the 'help.aspx' page, which could allow cross-site scripting attacks. - An error in the way that the 'toStaticHTML' API sanitizes HTML on a SharePoint site, which could allow cross-site scripting attacks. - An error when handling specially crafted requests sent to the Help page, which could allow attackers to cause a denial of service.
Microsoft Office InfoPath 2003 Service Pack 3 Microsoft Office InfoPath 2007 Service Pack 1/2 Microsoft Office SharePoint Server 2007 Service Pack 2 Microsoft Windows SharePoint Services 3.0 Service Pack 1/2
- Microsoft Outlook Information Disclosure Vulnerability (2894514)
- Microsoft 'ISATAP' Component Spoofing Vulnerability (978338)
- Microsoft Windows DNS Server Denial of Service Vulnerability (2647170)
- Microsoft Office Web Apps HTML Sanitisation Component XSS Vulnerability (2821818)
- Microsoft SharePoint SafeHTML Information Disclosure Vulnerabilities (2412048)