CVE-2009-0077

Name of the Vulnerable Software and Affected Versions Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE) (affected versions not specified) Microsoft Internet Security and Acceleration (ISA) Server versions 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1

Description The issue is related to the firewall engine's management of web listener session states, allowing remote attackers to cause a denial of service by creating many stale sessions via crafted packets.

Recommendations For Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE), at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Microsoft Internet Security and Acceleration (ISA) Server versions 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.