296 matches found
EUVD-2017-17485
Malware in sbrugna...
EUVD-2018-4531
Malware in sbrugna...
CVE-2010-5144
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
Secure application development cloud best practices
The need for agility can often sideline security best practices; we explore how to build with security at the forefront without compromising time to delivery...
Microsoft Forefront TMG Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the Forefront Threat Management Gateway TMG Firewall Client Winsock provider that could allow code execution in the security context of the client application...
Security Update for Forefront Endpoint Protection (February 2021)
The Malware Protection Engine version of Forefront Endpoint Protection installed on the remote Windows host is equal or prior to 1.1.17700.4. It is, therefore, affected by a unspecified privilege escalation vulnerability. An authenticated, local attacker can exploit this to gain administrator...
Security Update for Forefront Endpoint Protection (January 2021)
The Malware Protection Engine version of Forefront Endpoint Protection installed on the remote Windows host is prior to 1.1.17600.5. It is, therefore, affected by an unspecified remote code execution vulnerability. An authenticated, local attacker can exploit this to bypass authentication and...
KLA11860 PE vulnerability in Microsoft System Center
An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2020-1461 Related products Microsoft-Forefront-Protection Windows-Defender CVE list CVE-2020-1461 warning KB list Solution Insta...
KLA11747 Multiple vulnerabilities in Mycrosoft System Center
Multiple vulnerabilities were found in Mycrosoft System Center. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Defender can be exploited remotely via specially crafted comma...
MS10-089: Vulnerabilities in Forefront Unified Access Gateway and Microsoft Intelligent Application Gateway could cause elevation of privilege
Resolves vulnerabilities in Forefront Unified Access Gateway UAG that could allow elevation of privilege if a user visits an affected Web site using a specially crafted URL.INTRODUCTIONMicrosoft has released security bulletin MS10-089. To view the complete security bulletin, visit the following...
Microsoft Forefront Threat Management Gateway 2010 Service Pack 2
Describes the issues that are resolved by Microsoft Forefront Threat Management Gateway 2010 Service Pack 2.SummaryThis article lists the problems that are fixed in Microsoft Forefront Threat Management Gateway 2010 Service Pack 2 SP2. Service packs are cumulative. This means that the problems th...
Update Package 1 for Microsoft Forefront Identity Manager (FIM) 2010
Update Package 1 for Microsoft Forefront Identity Manager FIM 2010 Introduction Microsoft has released update 1 for Microsoft Forefront Identity Manager FIM 2010. This update applies only to FIM 2010 RTM which is also known as build 4.0.2592.0. This update is recommended for all installations of...
List of problems that are fixed in Forefront Threat Management Gateway 2010 Service Pack 1
Describes the problems that are fixed in Forefront Threat Management Gateway 2010 Service Pack 1.SummaryThis article lists the problems that are fixed in Microsoft Forefront Threat Management Gateway 2010 Service Pack 1. Service packs are cumulative. This means that the problems that are fixed in...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
CVE-2018-12571 affects Microsoft Forefront Unified Access Gateway 2010. The vulnerability arises in uniquesig0/InternalSite/InitParams.aspx where a comma-separated orig_url list can trigger outbound DNS queries to arbitrary hosts, enabling potential traffic amplification and/or SSRF. POCs and dis...
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vulnerability
Microsoft Forefront Unified Access Gateway is an SSL VPN gateway server from Microsoft. Microsoft Forefront Unified Access Gateway 2010 external DNS interaction vulnerability allows remote attackers to Trigger URLs in the outbound DNS query origurl parameter from arbitrary hosts via a...
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vulnerability
Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
Microsoft Threat Mgmt Gateway Firewall Client DNS Lookup Buffer Overflow - Ver2 (CVE-2011-1889)
A memory corruption vulnerability exists in Microsoft Forefront Threat Management Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction
Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vendor Homepage: https://www.microsoft.com/ Version: 2010 CVE : CVE-2018-12571 Proof of Concept 1 Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for...