This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
An application on the remote host has multiple vulnerabilities
The version of Forefront Unified Access Gateway (UAG) running on the
remote host has multiple vulnerabilities :
- An unspecified redirection spoofing vulnerability, which
could result in users being redirected from the UAG server
to a similar looking, malicious server. (CVE-2010-2732)
- An unspecified non-persistent XSS in UAG.
- An unspecified non-persistent XSS in the UAG Mobile
Portal Website. (CVE-2010-2734)
- An unspecified non-persistent XSS in Signurl.asp.
See also :
Microsoft has released a set of patches for UAG 2010, UAG 2010 Update
1, and UAG 2010 Update 2.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true