A heap buffer overflow in Fortinet FortiOS 6.0.0 up to and including 6.0.4, 5.6.0 up to and including 5.6.10, 5.4.0 up to and including 5.4.12, 5.2.14 and previous versions and FortiProxy 2.0.0, 1.2.8 and previous versions in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy |
||
fortinet fortiproxy 2.0.0 |
||
fortinet fortios |