Microsoft Download Center Archive
 | Security Update for Unified Access Gateway 2010 with Update 2 (KB2418933) |
Vulnerabilities in Forefront Unified Access Gateway could Cause Cross Site Scripting Resulting in Elevation of Privilege
- This security update resolves four privately reported vulnerabilities in Forefront Unified Access Gateway 2010 (UAG). The most severe of these vulnerabilities could allow elevation of privilege if a user visits an affected Web site using a specially crafted URL. An attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.
Here are the cases with the severity rating:
UAG Redirection Issue May Allow Phishing Vulnerability - CVE-2010-2732 (Important - Spoofing)
UAG XSS Allows EOP Vulnerability - CVE-2010-2733 (Important - Elevation of Privilege)
XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability - CVE-2010-2734 (Important - Elevation of Privilege)
XSS in Sginurl.asp Vulnerability - CVE-2010-3936 (Important - Elevation of Privilege)
| Knowledge Base Articles: | |
|---|---|
| Security Bulletins: |
Files
 | Status: DeletedThis download is no longer available on microsoft.com. The downloads below are archives provided by the Internet Archive Wayback Machine from the Microsoft Download Center prior to August 2020. |
| File | Size |
|---|---|
 UAG-KB2418933-v4.0.1269.250-ENU.mspSHA1: 6d0b099103a136c9d82fb372dfe162bf8e21cdfd | 4.78 MB |
System Requirements
Operating Systems: Windows Server 2008 R2
- Forefront UAG can be installed on computers running the Windows Server 2008 R2 Standard or Windows Server 2008 R2 Enterprise 64-bit operating systems.
Installation Instructions
- 1. For the file you want to download, click the Download button on this page.
2. Click Save to download to your computer.