CVE-2006-2918

2006-06-23T21:06:00
ID CVE-2006-2918
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:43:00

Description

The Lanap BotDetect APS.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA in the ViewState of a page, which makes it easier for remote attackers to conduct automated attacks by "replaying the ViewState for a known number."