Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2012

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2012
Last Modified 26 Jan 2012 11:00:13
Published 11 Oct 2011 10:52:44
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2012

Summary

Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash."

Vulnerable Systems

Application

  • Microsoft Forefront Unified Access Gateway 2010


References

MS - MS11-079

BID - 49980


Last Updated: 27 May 2016 10:58:01