The vulnerability of the Signurl.asp component of the Microsoft Forefront Unified Access Gateway software suite allows a hacker to execute cross-site scripting attacks.

🗓️ 07 Sep 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The Signurl.asp flaw in Forefront Unified Access Gateway enables remote cross-site scripting.

Reporter	Title	Published	Views	Family All 9
Check Point Advisories	Preemptive Protection against Multiple Microsoft Forefront UAG Cross-Site Scripting Vulnerabilities (MS10-089)	9 Nov 201000:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Forefront UAG Signurl.asp Cross-Site Scripting (MS10-089; CVE-2010-3936)	15 Mar 201100:00	–	checkpoint_advisories
CVE	CVE-2010-3936	10 Nov 201001:00	–	cve
Cvelist	CVE-2010-3936	10 Nov 201001:00	–	cvelist
Microsoft KB	MS10-089: Vulnerabilities in Forefront Unified Access Gateway and Microsoft Intelligent Application Gateway could cause elevation of privilege	6 Nov 201902:31	–	mskb
NVD	CVE-2010-3936	10 Nov 201003:00	–	nvd
Prion	Cross site scripting	10 Nov 201003:00	–	prion
securityvulns	Microsoft Security Bulletin MS10-089 - Important Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)	10 Nov 201000:00	–	securityvulns
Tenable Nessus	MS10-089: Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)	9 Nov 201000:00	–	nessus

Vulners

Node

microsoft forefront_unified_access_gatewayMatch2010

Source	Link
us-cert	www.us-cert.gov/cas/techalerts/TA10-313A.html
docs	www.docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-089
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12218
web	www.web.nvd.nist.gov/view/vuln/detail

29 Nov 2021 00:00Current

5.2Medium risk

Vulners AI Score5.2

CVSS 24.3

EPSS0.42355

Signurl.asp flaw Forefront gateway cross site scripting remote attack web vulnerability