Check Point Advisories

Microsoft ForeFront Default Portal Cross-Site Scripting (MS11-079)

Check Point Reference: CPAI-2011-123
Date Published: 11 Oct 2011
Severity: Critical
Last Updated: Saturday 01 January, 2011
Source: Microsoft Security Bulletin MS11-079
Industry Reference:CVE-2011-1897
Protection Provided by:
Who is Vulnerable? Microsoft Forefront Unified Access Gateway 2010
Microsoft Forefront Unified Access Gateway 2010 Service Pack 1
Microsoft Forefront Unified Access Gateway 2010 Update 1
Microsoft Forefront Unified Access Gateway 2010 Update 2
Vulnerability Description An information disclosure vulnerability has been reported in Microsoft Forefront Unified Access Gateway (UAG) server.
Update/Patch AvaliableMS11-079
Vulnerability DetailsThe vulnerability is due to a defect in Forefront Unified Access Gateway (UAG) that allows content to be reflected back to the user. A remote attacker may exploit this vulnerability by enticing a target UAG user to click on a link containing a malicious script. Successful exploitation may result in potentially sensitive information being disclosed to an unprivileged user.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK