Definition

UAG Blind HTTP Redirect Vulnerability

oval:org.mitre.oval:def:15476

Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL aka "UAG Blind HTTP Redirect Vulnerability."

Family:

windows

Status:

ACCEPTED

Platform(s):

Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows Server 2008 R2

Class:

vulnerability

Reference(s):

CVE-2012-0146

Product(s):

Forefront Unified Access Gateway 2010