Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-1459HistoryMay 27, 2010 - 7:00 p.m.
CVE-2010-1459
2010-05-2719:00:00
Debian Security Bug Tracker
security-tracker.debian.org
6
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
71.8%
The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mono | < 2.4.4~svn151842-3 | mono_2.4.4~svn151842-3_all.deb |
| Debian | 11 | all | mono | < 2.4.4~svn151842-3 | mono_2.4.4~svn151842-3_all.deb |
| Debian | 10 | all | mono | < 2.4.4~svn151842-3 | mono_2.4.4~svn151842-3_all.deb |
| Debian | 999 | all | mono | < 2.4.4~svn151842-3 | mono_2.4.4~svn151842-3_all.deb |
| Debian | 13 | all | mono | < 2.4.4~svn151842-3 | mono_2.4.4~svn151842-3_all.deb |
Related
openvas
openvas
Fedora Update for gtksourceview-sharp FEDORA-2010-10332
2010-07-16 00:00:00
Fedora Update for xsp FEDORA-2010-10332
2010-07-16 00:00:00
Fedora Update for mono-tools FEDORA-2010-10332
2010-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: libgdiplus-2.6.4-1.fc13
2010-07-13 07:47:49
[SECURITY] Fedora 13 Update: mod_mono-2.6.3-1.fc13
2010-07-13 07:47:49
[SECURITY] Fedora 13 Update: mono-tools-2.6.2-1.fc13
2010-07-13 07:47:49
nessus
nessus
openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)
2010-07-01 00:00:00
openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)
2010-07-01 00:00:00
openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)
2010-07-01 00:00:00
cve
cve
CVE-2010-1459
2010-05-27 19:00:00
ubuntucve
ubuntucve
CVE-2010-1459
2010-05-27 00:00:00
osv
osv
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
2022-05-02 06:22:59
github
github
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
2022-05-02 06:22:59
prion
prion
Cross site scripting
2010-05-27 19:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
71.8%
Related for DEBIANCVE:CVE-2010-1459