Check Point Advisories

Preemptive Protection against Microsoft Active Directory Certificate Services Cross-Site Scripting (MS11-051; CVE-2011-1264)

Check Point Reference: CPAI-2011-452
Date Published: 4 Oct 2011
Severity: High
Last Updated: Saturday 01 January, 2011
Source: Microsoft Security Bulletin MS11-051
Industry Reference:CVE-2011-1264
Protection Provided by:
Who is Vulnerable? Windows servers with Certificate Services installed.
Vulnerability Description A cross-site scripting vulnerability has been reported in Microsoft Active Directory Certificate Services.
Update/Patch AvaliableApply patches from:
MS11-051
Vulnerability DetailsThe vulnerability is due to insufficient validation of user input by the affected service. A remote attacker may exploit this vulnerability by sending specially crafted post requests to the server. Successful exploitation could allow the attacker to execute a client-side script in the affected component, which may lead to information disclosure.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK