Denial of Service Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway - MS09-016ID: oval:org.secpod.oval:def:2373 | Date: (C)2011-10-04 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS09-016. The update is required to fix denial of service vulnerabilities. The flaws are present in the Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE). The firewall engine fails to handle TCP state and HTTP forms authentication fails to handle input. Successful exploitation could allow an attacker to preview a specially crafted file from the search results.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Product: |
Microsoft Forefront Threat Management Gateway |
Microsoft Internet Security and Acceleration Server 2004 |
Microsoft Internet Security and Acceleration Server 2006 |