The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Sgos | Bluecoat | * | 4.3.4 (including) |
| Sgos | Bluecoat | 3.2.6 (including) | 3.2.6 (including) |
| Sgos | Bluecoat | 4.1.2.1 (including) | 4.1.2.1 (including) |
| Sgos | Bluecoat | 4.2.1.2 (including) | 4.2.1.2 (including) |
| Sgos | Bluecoat | 4.2.1.6 (including) | 4.2.1.6 (including) |
| Sgos | Bluecoat | 4.2.2 (including) | 4.2.2 (including) |
| Sgos | Bluecoat | 4.2.2.1 (including) | 4.2.2.1 (including) |
| Sgos | Bluecoat | 4.2.2.2 (including) | 4.2.2.2 (including) |
| Sgos | Bluecoat | 4.2.3 (including) | 4.2.3 (including) |
| Sgos | Bluecoat | 4.2.3.4 (including) | 4.2.3.4 (including) |
| Sgos | Bluecoat | 4.2.3.7 (including) | 4.2.3.7 (including) |
| Sgos | Bluecoat | 4.2.3.12 (including) | 4.2.3.12 (including) |
| Sgos | Bluecoat | 4.2.3.21 (including) | 4.2.3.21 (including) |
| Sgos | Bluecoat | 4.2.3.26 (including) | 4.2.3.26 (including) |
| Sgos | Bluecoat | 4.2.4.1 (including) | 4.2.4.1 (including) |
| Sgos | Bluecoat | 4.2.5 (including) | 4.2.5 (including) |
| Sgos | Bluecoat | 4.2.5.1 (including) | 4.2.5.1 (including) |
| Sgos | Bluecoat | 4.2.6 (including) | 4.2.6 (including) |
| Sgos | Bluecoat | 4.2.6.1 (including) | 4.2.6.1 (including) |
| Sgos | Bluecoat | 4.2.6.4 (including) | 4.2.6.4 (including) |
| Sgos | Bluecoat | 4.2.7.1 (including) | 4.2.7.1 (including) |
| Sgos | Bluecoat | 5.2.2.4 (including) | 5.2.2.4 (including) |
| Sgos | Bluecoat | 5.4.5 (including) | 5.4.5 (including) |
| Sgos | Bluecoat | 5.5.4 (including) | 5.5.4 (including) |
| Sgos | Bluecoat | 6.1.2 (including) | 6.1.2 (including) |