Check Point Advisories

Preemptive Protection against Microsoft Active Directory Certificate Services Cross-Site Scripting (MS11-051; CVE-2011-1264)

Check Point Reference: CPAI-2011-452
Date Published: 4 Oct 2011
Severity: High
Last Updated: 1 Jan 2011
Source: Microsoft Security Bulletin MS11-051
Industry Reference:CVE-2011-1264
Protection Provided by:
Who is Vulnerable? Windows servers with Certificate Services installed.
Vulnerability Description A cross-site scripting vulnerability has been reported in Microsoft Active Directory Certificate Services.
Update/Patch AvaliableApply patches from:
MS11-051
Vulnerability DetailsThe vulnerability is due to insufficient validation of user input by the affected service. A remote attacker may exploit this vulnerability by sending specially crafted post requests to the server. Successful exploitation could allow the attacker to execute a client-side script in the affected component, which may lead to information disclosure.

Protection Overview

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO