PT-2011-3511 · Microsoft · Forefront Unified Access Gateway (Uag) 2010

Elisabeth Demeter

Published

2011-10-12

Updated

2018-10-12

CVE-2011-1969

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Forefront Unified Access Gateway (UAG) 2010 versions Gold through SP1

Description The issue allows remote attackers to execute arbitrary code on client machines via unspecified vectors. This is related to the MicrosoftClient.jar file containing a signed Java applet.

Recommendations For Microsoft Forefront Unified Access Gateway (UAG) 2010 versions Gold through SP1, consider disabling the use of the MicrosoftClient.jar file until a patch is available. Restrict access to the Java applet to minimize the risk of exploitation.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2011-1969

Affected Products

Forefront Unified Access Gateway (Uag) 2010

PT-2011-3511 · Microsoft · Forefront Unified Access Gateway (Uag) 2010

CVE-2011-1969

Weakness Enumeration

Related Identifiers

Affected Products

References · 4