Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2012


Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2012
Last Modified 26 Jan 2012 11:00:13
Published 11 Oct 2011 10:52:44
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash."

Vulnerable Systems


  • Microsoft Forefront Unified Access Gateway 2010


MS - MS11-079

BID - 49980

Last Updated: 27 May 2016 10:58:01