Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-0237
HistoryApr 15, 2009 - 8:00 a.m.

CVE-2009-0237

2009-04-1508:00:00
CWE-79
[email protected]
web.nvd.nist.gov
5

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.925

Percentile

99.0%

JSON

Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via โ€œauthentication inputโ€ to this component, aka โ€œCross-Site Scripting Vulnerability.โ€

Affected configurations

Nvd
Node
microsoftforefront_threat_management_gatewayMatch--medium_business
OR
microsoftinternet_security_and_acceleration_serverMatch2004sp3enterprise
OR
microsoftinternet_security_and_acceleration_serverMatch2004sp3standard
OR
microsoftinternet_security_and_acceleration_serverMatch2006sp1
OR
microsoftinternet_security_and_acceleration_serverMatch2006supportability
VendorProductVersionCPE
microsoftforefront_threat_management_gateway-cpe:2.3:a:microsoft:forefront_threat_management_gateway:-:-:medium_business:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2004cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:enterprise:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2004cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2004:sp3:standard:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2006cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:sp1:*:*:*:*:*:*
microsoftinternet_security_and_acceleration_server2006cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2006:supportability:*:*:*:*:*:*

Related

checkpoint_advisories 1
seebug 1
cve 1
prion 1
cvelist 1
nessus 1
openvas 2
securityvulns 2
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Microsoft ISA Server Cross-Site Scripting (XSS) Vulnerability (MS09-016)
2009-04-14 00:00:00
seebug
seebug
Microsoft ISA Serverๅ’ŒForefront TMG่ทจ็ซ™่„šๆœฌๆผๆดž๏ผˆMS09-016๏ผ‰
2009-04-16 00:00:00
cve
cve
CVE-2009-0237
2009-04-15 08:00:00
prion
prion
Cross site scripting
2009-04-15 08:00:00
cvelist
cvelist
CVE-2009-0237
2009-04-15 03:49:00
nessus
nessus
MS09-016: Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway Could Cause Denial of Service (961759)
2009-04-14 00:00:00
openvas
openvas
Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)
2009-04-23 00:00:00
Microsoft ISA Server and Forefront Threat Management Gateway DoS Vulnerability (961759)
2009-04-23 00:00:00
securityvulns
securityvulns
Microsoft ISA Server / Forefront Threat Management Gateway DoS
2009-04-15 00:00:00
Microsoft Security Bulletin MS09-016 - Important Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)
2009-04-15 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.925

Percentile

99.0%

JSON
Related for NVD:CVE-2009-0237
checkpoint_advisories1seebug1cve1prion1cvelist1nessus1openvas2securityvulns2