Five Vulnerabilities Found in Microsoft Forefront Unified Access Gateway
( Microsoft Security Bulletin MS11-079 )
Summary
Five security issues in Forefront Unified Access Gateway (UAG) have been reported, the most severe of which could allow remote code execution on a targeted machine. The Check Point IPS Software Blade provides network protection against these vulnerabilities.
Affected Products
Consult the Check Point Protection links in the table below to see information on which versions of Forefront UAG are susceptible to specific vulnerabilities.
Solution
Check Point recommends that the patches described in Microsoft Security Bulletin MS11-079 be deployed as soon as is practical. In the meantime, the Check Point IPS Software Blade provides immediate network protection of unpatched systems against all of these issues in the latest IPS update, by detecting and blocking attempts to take advantage of them. The following table lists each issue and its severity, along with the associated CVE reference and Check Point Protection.
| Forefront UAG Vulnerability | Severity | Industry Reference | Check Point Protection |
|---|---|---|---|
| ExcelTable Reflected XSS Information Disclosure | Critical | CVE-2011-1896 | CPAI-2011-472 |
| Default Reflected XSS Information Disclosure | Critical | CVE-2011-1897 | CPAI-2011-471 |
| Poisoned Cup of Code Execution | Critical | CVE-2011-1969 | CPAI-2011-470 |
| Session Cookie Denial of Service | High | CVE-2011-2012 | CPAI-2011-462 |
| ExcelTable Information Disclosure | High | CVE-2011-1895 | CPAI-2011-461 |
Originally Published:
Last Updated: 11-Oct-2011