Microsoft UDDI Services Elevation of Privilege Vulnerability

Last Update Date: 14 Aug 2015 Release Date: 12 Aug 2015 3157 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An elevation of privilege exists in Microsoft Windows when the Universal Description, Discovery, and Integration (UDDI) Services improperly validate or sanitize the search parameter in a FRAME tag. An attacker who successfully exploited this vulnerability could leak authorization cookies or unexpectedly redirect a user to a malicious webpage.

Impact

  • Elevation of Privilege

System / Technologies affected

  • Microsoft Windows Server 2008
  • Microsoft BizTalk Server 2010
  • Microsoft BizTalk Server 2013
  • Microsoft BizTalk Server 2013 R2

 

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft System Center Operations Manager Elevation of Privilege Vulnerability

12 Aug 2015 3021 Views

Next

Microsoft Windows Unsafe Command Line Parameter Passing Vulnerability

12 Aug 2015 3212 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY