This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.
An application on the remote host has multiple vulnerabilities
The version of Forefront Unified Access Gateway (UAG) running on the
remote host has multiple vulnerabilities :
- An unspecified redirection spoofing vulnerability, which
could result in users being redirected from the UAG server
to a similar looking, malicious server. (CVE-2010-2732)
- An unspecified non-persistent XSS in UAG.
- An unspecified non-persistent XSS in the UAG Mobile
Portal Website. (CVE-2010-2734)
- An unspecified non-persistent XSS in Signurl.asp.
See also :
Microsoft has released a set of patches for UAG 2010, UAG 2010 Update
1, and UAG 2010 Update 2.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 50530 ()
Bugtraq ID: 44631446324463344634
CVE ID: CVE-2010-2732CVE-2010-2733CVE-2010-2734CVE-2010-3936
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.