Update Protection against Microsoft Forefront UAG Signurl.asp Cross-Site Scripting Vulnerability (MS10-089)
| Check Point Reference: | CPAI-2011-076 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS10-089 | |
| Industry Reference(s): | CVE-2010-3936 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Forefront Unified Access Gateway 2010 | ||
| Vulnerability Description A cross-site scripting vulnerability has been reported in Microsoft Forefront Unified Access Gateway (UAG). Microsoft Forefront Unified Access Gateway (UAG) is designed to provide secure remote access to corporate resources for employees, partners and vendors from both managed and unmanaged PCs and mobile devices. UAG provides a variety of connection options including SSL VPN, Microsoft DirectAccess and IPSec as well as a centralized management of a single gateway solution. A remote attacker could exploit this issue to execute a cross-site scripting attack that could allow him to issue commands to the UAG server. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS10-089 |
|
|
Vulnerability Details The vulnerability is due to insufficient validation of user-supplied input in signurl.asp by the Microsoft Forefront UAG. A remote attacker can exploit this flaw by enticing a target to open a malicious URL link. Successful exploitation of this vulnerability would result in compromise of web browser cookies associated with the site, and modification of user information. |
Protection Overview
This protection will detect and block malicious URL links attempting to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.