The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft Forefront UAG

computer vulnerability bulletin CVE-2014-2779

Microsoft Malware Protection Engine: denial of service

Synthesis of the vulnerability

An attacker can send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.
Impacted products: Forefront Security for Exchange Server, Forefront Threat Management Gateway, Forefront Unified Access Gateway, SCCM, SCOM, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: document.
Creation date: 18/06/2014.
Identifiers: 2974294, CVE-2014-2779, VIGILANCE-VUL-14908.

Description of the vulnerability

The Microsoft Malware Protection Engine analyzes files searching for malware.

However, a malicious file locks this engine.

An attacker can therefore send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2012-0146 CVE-2012-0147

Microsoft Forefront Unified Access Gateway: two vulnerabilities

Synthesis of the vulnerability

An attacker can use two vulnerabilities of Microsoft Forefront Unified Access Gateway, in order to obtain information.
Impacted products: Forefront Unified Access Gateway.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 11/04/2012.
Identifiers: 2663860, BID-52903, BID-52909, CERTA-2012-AVI-205, CVE-2012-0146, CVE-2012-0147, MS12-026, VIGILANCE-VUL-11528.

Description of the vulnerability

The Microsoft Forefront Unified Access Gateway product provides remote access features. It is impacted by two vulnerabilities.

An attacker can send a link to the victim, which starts by the url of the Forefront Unified Access Gateway server, and which uses its redirection feature, in order to automatically redirect the victim to a malicious site. If this site has the same interface as FUAG, the victim can then enter sensitive data. [severity:2/4; BID-52903, CERTA-2012-AVI-205, CVE-2012-0146]

An attacker who is located on the external network can access to the FUAG default web site, in order to obtain information. [severity:2/4; BID-52909, CVE-2012-0147]

An attacker can therefore use two vulnerabilities of Microsoft Forefront Unified Access Gateway, in order to obtain information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2011-1895 CVE-2011-1896 CVE-2011-1897

Microsoft Forefront Unified Access Gateway: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Forefront Unified Access Gateway, in order to create a Cross Site Scripting, to execute code, or to create a denial of service.
Impacted products: Forefront Unified Access Gateway, Microsoft IAG.
Severity: 3/4.
Consequences: user access/rights, client access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 12/10/2011.
Identifiers: 2544641, BID-49972, BID-49974, BID-49979, BID-49980, BID-49983, CVE-2011-1895, CVE-2011-1896, CVE-2011-1897, CVE-2011-1969, CVE-2011-2012, MS11-079, SA-20111012-0, VIGILANCE-VUL-11053.

Description of the vulnerability

The Microsoft Forefront Unified Access Gateway product provides remote access features. It is impacted by five vulnerabilities.

An attacker can use a special HTTP query, which is split in two. Its second part can contain JavaScript code which is interpreted in the context of another web site. [severity:2/4; BID-49979, CVE-2011-1895]

An attacker can generate a Cross Site Scripting, in order to execute JavaScript code in the context of another web site. [severity:2/4; BID-49972, CVE-2011-1896]

An attacker can generate a Cross Site Scripting, in order to execute JavaScript code in the context of another web site. [severity:2/4; BID-49974, CVE-2011-1897]

The Forefront Unified Access Gateway server installs a Java applet on the computer of VPN clients. However, this applet contains a vulnerability which leads to code execution on the victim's computer. [severity:3/4; BID-49983, CVE-2011-1969, SA-20111012-0]

An attacker can use a special session cookie, in order to create a NULL pointer dereference error, which stops IIS. [severity:2/4; BID-49980, CVE-2011-2012]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.