Summary
The ISA Server 2000 and Proxy Server 2.0 have been found to be vulnerable to a spoofing vulnerability that could enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for example a malicious Web site. However, an attacker would first have to persuade a user to visit the attacker's to attempt to exploit this vulnerability.
See http://www.microsoft.com/technet/security/bulletin/ms04-039.mspx
Severity
Classification
-
CVE CVE-2004-0892 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
- Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)
- Microsoft .NET Framework Remote Code Execution Vulnerability (3000414)
- Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2870699)
- Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)