6 matches found
Open redirect
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway UAG 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."...
CVE-2011-1969
Microsoft Forefront Unified Access Gateway UAG 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution...
CVE-2011-2012
Microsoft Forefront Unified Access Gateway UAG 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service IIS outage via unspecified network traffic, aka "Null Session Cookie Crash."...
Open redirect
Open redirect vulnerability in the web interface in Microsoft Forefront Unified Access Gateway UAG 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka "UAG Redirection Spoofing...
CVE-2010-2733
This CVE-2010-2733 entry concerns a non-persistent cross-site scripting (XSS) vulnerability in Forefront UAG Web Monitor across 2010 Gold, Update 1, and Update 2. The issue is documented under Microsoft MS10-089, which addresses multiple UAG vulnerabilities (CVE-2010-2732, CVE-2010-2733, CVE-2010...
CVE-2010-2734
Cross-site scripting XSS vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway UAG 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS Issue on UAG Mobile Portal Website in Forefron...