CVE-2011-1895

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Unified Access Gateway
Vendor: CVE Published:; 12 October 2011

Summary

CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via unspecified vectors, aka "ExcelTable Response Splitting XSS Vulnerability."

References

http://www.securityfocus.com/bid/49979

vdb-entryx_refsource_BID

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://osvdb.org/76235

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Oct 12, 2011
Vulnerability Reserved
May 4, 2011