CVE-2020-0637

An information disclosure vulnerability exists when Remote Desktop Web Access improperly handles credential information, aka 'Remote Desktop Web Access Information Disclosure Vulnerability'...

Microsoft Remote Desktop Web Access Information Disclosure Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, a U.S. company.Microsoft Windows is a set of operating systems for use on personal devices. An information disclosure vulnerability exists in Microsoft Remote Desktop Web Access, which arises from the...

Information disclosure

An information disclosure vulnerability exists when Remote Desktop Web Access improperly handles credential information, aka 'Remote Desktop Web Access Information Disclosure Vulnerability'...

CVE-2020-0637

An information disclosure vulnerability exists when Remote Desktop Web Access improperly handles credential information, aka 'Remote Desktop Web Access Information Disclosure Vulnerability'...

CVE-2020-0637

The connected records describe CVE-2020-0637 as an information-disclosure vulnerability in Microsoft Remote Desktop Web Access caused by improper handling of credential information. Affected component: Remote Desktop Web Access (Microsoft). Root cause: incorrect credential handling leading to dis...

KB4534271: Windows 10 Version 1607 and Windows Server 2016 January 2020 Security Update

The remote Windows host is missing security update 4534271. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Windows Remote Desktop Gateway RD Gateway when an unauthenticated attacker connects to the target system using RDP and sends...

KLA11703 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability i...

KB4534309: Windows 8.1 and Windows Server 2012 R2 January 2020 Security Update

The remote Windows host is missing security update 4534309 or cumulative update 4534297. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully...

March 2017 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2

March 2017 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2 The March 2017 Preview of Monthly Quality Rollup includes some new improvements and fixes for the Windows 8.1 and Windows Server 2012 R2 platforms. We recommend that you apply this quality rollup as part of yo...

MS11-061: Vulnerability in Remote Desktop Web Access could allow elevation of privilege: August 9, 2011

MS11-061: Vulnerability in Remote Desktop Web Access could allow elevation of privilege: August 9, 2011 INTRODUCTION Microsoft has released security bulletin MS11-061. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...

Cross site scripting

Cross-site scripting XSS vulnerability in the logon page in Remote Desktop Web Access RD Web Access in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability."...

CVE-2011-1263

Cross-site scripting XSS vulnerability in the logon page in Remote Desktop Web Access RD Web Access in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability."...

Microsoft Windows Remote Desktop Web Access crossite scripting

Crossite scripting on the logon page...

MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)

The version of Remote Desktop Web Access running on the remote host has a reflected cross-site scripting vulnerability. Input to the 'ReturnUrl' parameter of login.aspx is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...

MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250) (uncredentialed check)

The version of Remote Desktop Web Access running on the remote host has a reflected cross-site scripting vulnerability. Input to the 'ReturnUrl' parameter of login.aspx is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...

Microsoft Remote Desktop Web Access Detection

Remote Desktop Web Access was detected on the remote web server. This application allows access to RemoteApp and Desktop Connection via a web browser. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55800; scriptversion"1.8"; scriptcvsdate"Date: 2020/01/22";...