Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0146

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-0146
Last Modified 15 Nov 2013 12:32:29
Published 10 Apr 2012 05:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0146

Summary

Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."

Vulnerable Systems

Application

  • Microsoft Forefront Unified Access Gateway 2010


References

MS - MS12-026

XF - ms-forefront-spoofing(74367)

SECTRACK - 1026909

BID - 52903

SECUNIA - 48787

OSVDB - 81131

Related Patches

MS12-026 2663860 2649261 Security Update for Forefront Unified Access Gateway 2010 SP1 (See Notes)

MS12-026 2663860 2649262 Security Update for Forefront Unified Access Gateway 2010 SP1 Update 1 (See Notes)


Last Updated: 27 May 2016 10:58:24