CVE Reference: CVE-2011-1895

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-1895

Description:
CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via unspecified vectors, aka "ExcelTable Response Splitting XSS Vulnerability."

CVE Status:
Candidate

References:

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13064

OSVDB
  76235

MS
  http://technet.microsoft.com/en-us/security/bulletin/MS11-079

BID
  49979


Return to the previous page.