CVE Reference: CVE-2011-2012

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-2012

Description:
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash."

CVE Status:
Candidate

References:

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12799

MS
  http://technet.microsoft.com/en-us/security/bulletin/MS11-079

BID
  49980


Return to the previous page.