The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Microsoft ISA

Cisco, Juniper, Microsoft, Nortel, Stonesoft: vulnerability of SSL VPN
A weakness in the conception of some Clientless SSL VPN products can be used by an attacker in order to obtain information from other web sites visited by the victim...
025367-01, 19500, 2009009920, 984744, BID-37152, CVE-2009-2631, KB15799, PSN-2009-11-580, VIGILANCE-VUL-9265, VU#261869
Office Web Components: several vulnerabilities
An attacker can use several vulnerabilities of Office Web Components ActiveX, in order to execute code on victim's computer...
957638, BID-35642, BID-35990, BID-35991, BID-35992, CERTA-2009-AVI-331, CVE-2009-0562, CVE-2009-1136, CVE-2009-1534, CVE-2009-2496, MS09-043, VIGILANCE-VUL-8943, VU#545228, ZDI-09-054, ZDI-09-055, ZDI-09-056
ISA 2006: bypassing the Radius OTP authentication
In some configurations, an attacker knowing a username can access to resources protected by ISA Server 2006...
970953, BID-35631, CERTA-2009-AVI-276, CVE-2009-1135, MS09-031, VIGILANCE-VUL-8858
Microsoft Office Web Components: memory corruption
An attacker can invite the victim to see an HTML page in order to corrupt the memory of a Microsoft Office Web Components ActiveX, leading to code execution...
957638, 973472, BID-35642, CVE-2009-1136, FGA-2009-27, MS09-043, VIGILANCE-VUL-8854, VU#545228
ISA, Forefront: two vulnerabilities
An attacker can generate a denial of service and a Cross Site Scripting in ISA Server and Forefront Threat Management Gateway...
961759, BID-34414, BID-34416, CERTA-2009-AVI-146, CVE-2009-0077, CVE-2009-0237, MS09-016, VIGILANCE-VUL-8634
IP Filter, ISA: DNS vulnerability with NAT
When the address translation is enabled on the firewall, protections which are setup to correct VIGILANCE-VUL-7937 are not efficient...
245206, 6726575, 6730614, CVE-2008-5133, VIGILANCE-VUL-8237
Office, Visual, BizTalk, Commerce, ISA: vulnerabilities
Two vulnerabilities of Microsoft Office, Visual Studio .NET, BizTalk Server, Commerce Server and Internet Security and Acceleration Server products can be used to execute code...
933103, BID-28135, BID-28136, CERTA-2008-AVI-127, CVE-2006-4695, CVE-2007-1201, MS08-017, VIGILANCE-VUL-7657, VU#654577
Microsoft ISA Server 2004: obtaining visited IP addresses
An attacker can obtain IP address of site previously visited via SOCKS4 proxy...
BID-25753, CVE-2007-4991, VIGILANCE-VUL-7182, ZDI-07-053
ISA: character insertion in logs via Host header
An attacker can use a special encoding in Host header to insert characters in logs...
042006-001-ISA-LM, VIGILANCE-VUL-5821
ISA : corruption de cache HTTP et contournement de filtre NetBIOS
Un attaquant peut corrompre le cache HTTP ou accéder au firewall en utilisant le protocole NetBIOS...
BID-13954, BID-13955, BID-13956, CERTA-2005-AVI-215, CVE-2005-1215, CVE-2005-1216, MS05-034, V6-ISAHTTPNETBIOS, VIGILANCE-VUL-5012, VU#367077
Our database contains other pages. You can request a free trial to read them.