Check Point Reference: | CPAI-2009-092 |
Date Published: | 14 Apr 2009 |
Severity: | Medium |
Last Updated: | Friday 17 April, 2009 |
Source: | Microsoft Security Bulletin MS09-016 |
Industry Reference: | CVE-2009-0237 |
Protection Provided by: | |
Who is Vulnerable? | Microsoft Forefront Threat Management Gateway, Medium Business Edition; Microsoft Internet Security and Acceleration (ISA) Server 2006 Enterprise Edition; Microsoft Internet Security and Acceleration (ISA) Server 2006 Enterprise Edition SP1; Microsoft Internet Security and Acceleration (ISA) Server 2006 Enterprise Edition Supportability Update; Microsoft Internet Security and Acceleration (ISA) Server 2006 Standard Edition; Microsoft Internet Security and Acceleration (ISA) Server 2006 Standard Edition SP1; Microsoft Internet Security and Acceleration (ISA) Server 2006 Standard Edition Supportability Update |
Vulnerability Description | A cross-site scripting (XSS) vulnerability has been reported in the cookieauth.dll component in Microsoft Internet Security and Acceleration (ISA) Server. ISA Server, which originated as Microsoft Proxy Server, is a firewall and security product that provides application-layer firewalling, acts as a VPN endpoint, and provides Internet access for client systems in a business networking environment. A remote attacker may exploit this vulnerability to run malicious scripts on an affected system. |
Update/Patch Available | Apply patches: Microsoft Security Bulletin MS09-016 |
Vulnerability Details | The vulnerability is due to an input validation error in the HTTP stream. A remote attacker can exploit this issue to carry out a cross-site scripting attack through the cookieauth.dll component in ISA Server or Forefront TMG by convincing a user to click on a maliciously crafted URL that contains script code. Successful exploitation of this vulnerability could allow the attacker to inject script code into the web pages viewed by other users. |