PT-2011-3511 · Microsoft · Forefront Unified Access Gateway (Uag) 2010

Elisabeth Demeter

Publicado

2011-10-12

Atualizado

2018-10-12

CVE-2011-1969

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Forefront Unified Access Gateway (UAG) 2010 versions Gold through SP1

Description The issue allows remote attackers to execute arbitrary code on client machines via unspecified vectors. This is related to the MicrosoftClient.jar file containing a signed Java applet.

Recommendations For Microsoft Forefront Unified Access Gateway (UAG) 2010 versions Gold through SP1, consider disabling the use of the MicrosoftClient.jar file until a patch is available. Restrict access to the Java applet to minimize the risk of exploitation.

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2011-1969

Produtos afetados

Forefront Unified Access Gateway (Uag) 2010

PT-2011-3511 · Microsoft · Forefront Unified Access Gateway (Uag) 2010

CVE-2011-1969

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4