CVE-2009-2496

CVE-2009-2496 : Heap-based/heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control of Microsoft Office Web Components. Exploitation requires a user to load a malicious web page and trigger a specific sequence of method calls, leading to remote code execution. Affected products incl...

Microsoft ISA Server and Forefront Threat Management Gateway Denial of Service Vulnerability

Description Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability. A remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users. Technologies Affected...

ZDI-07-053: Microsoft ISA Server SOCKS4 Proxy Connection Leakage

ZDI-07-053: Microsoft ISA Server SOCKS4 Proxy Connection Leakage http://www.zerodayinitiative.com/advisories/ZDI-07-053.html September 20, 2007 -- CVE ID: CVE-2007-4991 -- Affected Vendor: Microsoft -- Affected Products: ISA Server 2004 SP1 ISA Server 2004 SP2 -- TippingPointTM IPS Customer...

CVE-2006-7027

CVE-2006-7027 concerns Microsoft Internet Security and Acceleration (ISA) Server 2004. The vulnerability arises when the Host header contains unusual ASCII characters (including a tab), enabling remote attackers to manipulate portions of the log file and potentially leverage it for further attack...

Update Protection against Microsoft ISA Server Manipulation Vulnerability

ISA Server 2004 is an application-layer firewall, virtual private network VPN, and Web cache solution. A Log Manipulation vulnerability was reported in Microsoft ISA Server 2004. When exploited, the vulnerability will enable an attacker to manipulate the Destination Host parameter of the log file...

CVE-2006-1651

Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for 1 ICMP and 2 TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that "Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering ... This...

CVE-2006-1651

Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for 1 ICMP and 2 TCP, via IPv6 packets. NOTE: An established researcher has disputed this issue, saying that "Neither ISA Server 2004 nor Windows 2003 Basic Firewall support IPv6 filtering ... This...

CVE-2006-1651

Microsoft ISA Server 2004 is affected by CVE-2006-1651, which reportedly allows remote attackers to bypass filtering rules (including ICMP and TCP) via IPv6 packets. The issue is controversial: an established researcher disputes IPv6 filtering support in ISA Server 2004 and Windows 2003 Basic Fir...

PT-2006-2646 · Microsoft · Isa Server 2004 +1

Name of the Vulnerable Software and Affected Versions: Microsoft ISA Server 2004 Description: The issue allows remote attackers to bypass certain filtering rules, including ones for ICMP and TCP, via IPv6 packets. However, an established researcher has disputed this, stating that neither Microsof...

Update to Mitigate MS08-037 UDP Behavior Across NAT for Microsoft ISA Server 2004 Enterprise Edition

Update to Mitigate MS08-037 UDP Behavior Across NAT for Microsoft ISA Server 2004 Enterprise Edition...

Microsoft Internet Security and Acceleration (ISA) Server 2004 Service Pack 3 (SP3)

ISA Server 2004 Service Pack 3 provides increased security, new troubleshooting options and tools available directly from the ISA Server Management console, new diagnostic logging functionality, and enhanced log viewer and log filtering options for ISA Server 2004 Standard Edition and Enterprise...

Security Update for Microsoft Office 2003 Web Components used in ISA Server 2004 SP3 Enterprise Edition Reporting

This update resolves vulnerabilities reported in Microsoft Office 2003 Web Components. ISA Server 2004 and 2006 use Office 2003 Web Components during report generation...

Security Update for ISA Server 2004 Standard Edition (KB 960995)

This update resolves the issues described in Knowledge Base articles 960995 ISA Server 2004: • ISA Server 2004 Web proxy and Web publishing listeners may stop accepting new requests after receiving specially-crafted packets...