Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Forefront Unified Access Gateway information leakage
Published:11.04.2012
Source:
SecurityVulns ID:12321
Type:remote
Threat Level:
6/10
Description:Request redirection, access restrictions bypass.
Affected:MICROSOFT : Forefront Unified Access Gateway 2010
CVE:CVE-2012-0147 (Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability.")
 CVE-2012-0146 (Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability.")
Files:Microsoft Security Bulletin MS12-026 - Important Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod