Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMicrosoftCVELIST:CVE-2010-3332
HistorySep 22, 2010 - 6:00 p.m.

CVE-2010-3332

2010-09-2218:00:00
microsoft
www.cve.org
1

6 Medium

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka “ASP.NET Padding Oracle Vulnerability.”

References

Related

nessus 6
seebug 1
mskb 1
openvas 4
prion 1
checkpoint_advisories 2
cve 1
nvd 1
gentoo 1
nessus
nessus
SuSE 10 Security Update : Mono (ZYPP Patch Number 8001)
2012-03-21 00:00:00
MS10-070: Vulnerability in ASP.NET Could Allow Information Disclosure (2418042) (uncredentialed check)
2010-10-08 00:00:00
CGI Generic Padding Oracle
2010-10-29 00:00:00
seebug
seebug
MS10-070 ASP.NET Padding Oracle File Download
2010-10-17 00:00:00
mskb
mskb
MS10-070: Vulnerability in ASP.NET could allow information disclosure
2012-05-11 22:22:14
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:0393-1)
2021-06-09 00:00:00
Microsoft ASP.NET Information Disclosure Vulnerability (2418042)
2010-09-29 00:00:00
Gentoo Security Advisory GLSA 201206-13 (mono mono-debugger)
2012-08-10 00:00:00
prion
prion
Buffer overflow
2010-09-22 19:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft ASP.NET PKCS Padding Information Disclosure (MS10-070; CVE-2010-3332)
2012-12-23 00:00:00
Multiple HTTP Error Responses (CVE-2010-3332)
2010-09-19 00:00:00
cve
cve
CVE-2010-3332
2010-09-22 19:00:06
nvd
nvd
CVE-2010-3332
2010-09-22 19:00:06
gentoo
gentoo
Mono: Multiple vulnerabilities
2012-06-21 00:00:00

6 Medium

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON
Related for CVELIST:CVE-2010-3332
nessus6seebug1mskb1openvas4prion1checkpoint_advisories2cve1nvd1gentoo1