Download
| Alert*
oval:org.secpod.oval:def:1369
The host is missing a critical security update according to Microsoft security bulletin, MS10-089. The update is required to fix multiple cross-site scripting vulnerabilities. Multiple flaws are present in the Sginurl.asp in Microsoft Forefront Unified Access Gateway. Successful exploitation could a ... oval:org.secpod.oval:def:2550 The host is installed with Microsoft Forefront Unified Access Gateway 2010 or Microsoft Forefront Unified Access Gateway 2010 update 1 or Microsoft Forefront Unified Access Gateway 2010 update 2 or Microsoft Forefront Unified Access Gateway 2010 service pack 1 and is prone to ExcelTable response spl ... oval:org.mitre.oval:def:12218 Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS in Signurl.asp Vulnerability." oval:org.secpod.oval:def:2552 The host is installed with Microsoft Forefront Unified Access Gateway 2010 or Microsoft Forefront Unified Access Gateway 2010 update 1 or Microsoft Forefront Unified Access Gateway 2010 update 2 or Microsoft Forefront Unified Access Gateway 2010 service pack 1 and is prone to default reflected cross ... oval:org.secpod.oval:def:2551 The host is installed with Microsoft Forefront Unified Access Gateway 2010 or Microsoft Forefront Unified Access Gateway 2010 update 1 or Microsoft Forefront Unified Access Gateway 2010 update 2 or Microsoft Forefront Unified Access Gateway 2010 service pack 1 and is prone to ExcelTable reflected cr ... oval:org.secpod.oval:def:2554 The host is installed with Microsoft Forefront Unified Access Gateway 2010 or Microsoft Forefront Unified Access Gateway 2010 update 1 or Microsoft Forefront Unified Access Gateway 2010 update 2 or Microsoft Forefront Unified Access Gateway 2010 service pack 1 and is prone to denial of service vulne ... oval:org.secpod.oval:def:2553 The host is installed with Microsoft Forefront Unified Access Gateway 2010 or Microsoft Forefront Unified Access Gateway 2010 update 1 or Microsoft Forefront Unified Access Gateway 2010 update 2 or Microsoft Forefront Unified Access Gateway 2010 service pack 1 and is prone to remote code execution v ... oval:org.secpod.oval:def:2555 The host is missing an important security update according to Microsoft security bulletin, MS11-079. The update is required to fix multiple cross site scripting, denial of service and remote code execution vulnerabilities. The flaws are present in the applications which fails to properly handle scri ... oval:org.mitre.oval:def:11763 Forefront Unified Access Gateway 2010 Update 1 is installed oval:org.mitre.oval:def:12127 Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "UAG XSS Allows EOP Vulnerability." oval:org.mitre.oval:def:12058 Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS Issue on UAG Mobile Portal Website in Forefro ... oval:org.mitre.oval:def:12257 Open redirect vulnerability in the web interface in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka "UAG Redirection Spoofing Vulner ... |