Mrhinkydink

**Name of the Vulnerable Software and Affected Versions** Websense Enterprise versions 6.3.3 and earlier Websense Web Security versions 6.3.3 and earlier Websense Web Filter versions 6.3.3 and earlier **Description** The issue allows remote attackers to bypass intended filtering and monitoring activities for web traffic. This is achieved via an HTTP Via header when the ISAPI Filter plug-in is used with a Microsoft ISA or Microsoft Forefront TMG server. **Recommendations** For Websense Enterprise versions 6.3.3 and earlier, consider restricting access to the ISAPI Filter plug-in until a fix is available. For Websense Web Security versions 6.3.3 and earlier, avoid using the ISAPI Filter plug-in in conjunction with Microsoft ISA or Microsoft Forefront TMG servers until the issue is resolved. For Websense Web Filter versions 6.3.3 and earlier, as a temporary workaround, consider disabling the ISAPI Filter plug-in to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Websense Enterprise version 6.3.1 **Description** The issue allows remote attackers to bypass content filtering. This can be achieved by visiting HTTP URLs with specific User-Agent headers, including `(1) RealPlayer G2`, `(2) MSMSGS`, or `(3) StoneHttpAgent`, resulting in a Non-HTTP categorization. **Recommendations** For Websense Enterprise version 6.3.1, consider restricting access to HTTP URLs with the specified User-Agent headers as a temporary workaround until a patch is available.