CVE-2011-1895 in Forefront Unified Access Gateway
Сводка (Английский)
CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via unspecified vectors, aka "ExcelTable Response Splitting XSS Vulnerability."
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Резервировать
04.05.2011
Раскрытие
11.10.2011
Статус
Подтверждённый
Записи
VulDB provides additional information and datapoints for this CVE:
| ИД | Уязвимость | CWE | Экс | Кон | CVE |
|---|---|---|---|---|---|
| 4420 | Microsoft Forefront Unified Access Gateway эскалация привилегий | 94 | Не определено | Официальное исправление | CVE-2011-1895 |