The FrontPage Server Extensions 2002 (included in Windows
Server 2003 IIS 6.0 and available as a separate download
for Windows 2000 and XP) has a web page,
/_vti_bin/_vti_adm/fpadmdll.dll, that is used for
administrative purposes. This web page is vulnerable to
cross-site scripting attacks, allowing an attacker to run
client-side script on behalf of an FPSE user. If the
victim is an administrator, the attacker could take
complete control of a FrontPage Server Extensions 2002
server.
To exploit the vulnerability, an attacker can send a
specially crafted e-mail message to an FPSE user and then
persuade the user to click a link in the e-mail
message.
In addition, this vulnerability can be exploited if an
attacker hosts a malicious website and persuades the user
to visit it.
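As an added example (not part of the advisory), the following Python script scans IIS W3C-style log lines for requests to the fpadmdll.dll administrative page whose query string, once URL-decoded, carries script markers; the seven-field log layout and the sample entries are constructed assumptions, not real server data.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample log lines (assumed layout:
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status)
SAMPLE_LOG = """\
2006-04-11 10:00:01 10.0.0.5 GET /_vti_bin/_vti_adm/fpadmdll.dll operation=getprops 200
2006-04-11 10:00:07 10.0.0.9 GET /_vti_bin/_vti_adm/fpadmdll.dll page=%3Cscript%3Ealert(1)%3C%2Fscript%3E 200
2006-04-11 10:00:09 10.0.0.9 POST /_vti_bin/_vti_adm/fpadmdll.dll - 200
2006-04-11 10:01:12 10.0.0.7 GET /default.htm - 200
2006-04-11 10:02:30 10.0.0.9 GET /_vti_bin/_vti_adm/fpadmdll.dll x=javascript%3Aalert(document.cookie) 200
"""

# The administrative page named in the advisory.
ADMIN_PAGE = "/_vti_bin/_vti_adm/fpadmdll.dll"

# Markers that indicate script content in a reflected parameter.
SCRIPT_MARKERS = re.compile(r"<\s*script|javascript\s*:|on\w+\s*=", re.IGNORECASE)


def parse_line(line):
    """Split one log line into a record; return None for malformed lines."""
    parts = line.split()
    if len(parts) != 7:
        return None
    date, time, cip, method, stem, query, status = parts
    return {
        "ts": f"{date} {time}",
        "ip": cip,
        "method": method,
        "stem": stem,
        # IIS writes '-' for an empty query; decode the rest so that
        # percent-encoded '<script' and 'javascript:' are visible.
        "query": "" if query == "-" else unquote_plus(query),
        "status": status,
    }


def find_suspicious(log_text):
    """Return records that hit the admin page with script-like query input."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["stem"].lower() != ADMIN_PAGE:
            continue
        if SCRIPT_MARKERS.search(rec["query"]):
            hits.append(rec)
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit["ts"], hit["ip"], hit["method"], hit["query"])
```

A real deployment would also consider the Referer header and the authenticated user, since the advisory's attack relies on an already logged-in FPSE user following an attacker-supplied link.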