(MS15-040) Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (3045711)
Schweregrad:: Hoch
CVE Kennungen:: CVE-2015-1638
Hinweisdatum: 22 April 2015
Beschreibung
This update resolves an information disclosure vulnerability found in Active Directory Federation Services 3.0 in Windows Server 2012. An attacker who successfully exploits this vulnerability may obtain information contained in the browser even if a user has logged off from the system.
Lösungen
Betroffene Software und Version:
- Windows Server 2012 R2
- Windows Server 2012 R2 (Server Core installation)