Intrusion Prevention

MS.UAG.JAR.Allow.Remote.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution vulnerability in the client machine of Microsoft UAG Server.
The vulnerability is due to a JAR file authentication error. It may allow remote attackers to execute arbitrary code on vulnerable systems.

Affected Products

Microsoft Forefront Unified Access Gateway 2010
Microsoft Forefront Unified Access Gateway 2010 Update 1
Microsoft Forefront Unified Access Gateway 2010 Update 2
Microsoft Forefront Unified Access Gateway 2010 Service Pack 1

Impact

System Compromise: Remote Code Execution.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/Bulletin/ms11-079.mspx

CVE References

CVE-2011-1969