MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)

This host is missing an important security update according to Microsoft Bulletin MS11-079. OpenVAS Vulnerability Test $Id: secpodms11-079.nasl 5958 2017-04-17 09:02:19Z teissa $ MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities 2544641 Authors: Madhuri D Copyright:...

CVE-2011-1895

Microsoft Forefront UAG (2010 Gold/Update 1/Update 2/SP1) is affected by multiple vulnerabilities addressed in MS11-079. The CVE-2011-1895 issue is an HTTP response-splitting/CRLF injection in ExcelTable.asp that can lead to header tampering and related cross-site scripting attacks; related CVEs ...

Microsoft Forefront UAG ExcelTable Information Disclosure (MS11-079; CVE-2011-1895)

An information disclosure vulnerability has been reported in Microsoft Forefront Unified Access Gateway UAG. The vulnerability is due to improper validation of user supplied URLs by the UAG server. A remote attacker could trigger this issue by sending a specially crafted HTTP request to an affect...

MS11-079: Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)

The version of Forefront Unified Access Gateway UAG running on the remote host has multiple vulnerabilities in the Web Monitor component : - An HTTP response splitting vulnerability in ExcelTable.asp. CVE-2011-1895 - A reflected XSS in ExcelTable.asp. CVE-2011-1896 - A reflected XSS in Default.as...