Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

This host is missing a critical security update according to Microsoft Bulletin MS11-100. OpenVAS Vulnerability Test $Id: secpodms11-100.nasl 5362 2017-02-20 12:46:39Z cfi $ Vulnerabilities in .NET Framework Could Allow Elevation of Privilege 2638420 Authors: Sooraj KS Copyright: Copyright c 2011...

Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

This host is missing a critical security update according to Microsoft Bulletin MS11-100. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2011-4441 · Microsoft · .Net Framework +1

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 1.1 SP1 through 4.0 Description: A denial of service issue exists due to the way ASP.NET Framework handles specially crafted requests, causing a hash collision. This allows remote attackers to cause a denial ...

MS11-100: Vulnerability in the .NET Framework could allow elevation of privilege: December 29, 2011

This article contains details for the ASP.NET update for the .NET Framework.IntroductionMicrosoft has released security bulletin MS11-100. To view the complete security bulletin, visit one of the following Microsoft websites:Home...

Microsoft ASP.NET哈希冲突远程拒绝服务漏洞

UGTRAQ ID: 51186 CVE ID: CVE-2011-3414 ASP.NET是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 Microsoft ASP.NET在处理其表单请求值时会造成哈希冲突，攻击者通过发送一些特制的ASP.NET表单请求到受影响ASP.NET站点利用此漏洞导致使用ASP.NET的站点CPU占用率剧增，失去响应正常情况的能力。 0 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft .NET Framework 2.x Microsoft .NET...

PT-2011-4444 · Microsoft · .Net Framework +1

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 1.1 SP1 through 4.0 Description: The issue arises from the Forms Authentication feature in the ASP.NET subsystem when sliding expiry is enabled, leading to improper handling of cached content. This allows...

Multiple Programming Language Implementations Vulnerable to Hash Table Collision Attacks

US-CERT is aware of reports stating that multiple programming language implementations, including web platforms, are vulnerable to hash table collision attacks. This vulnerability could be used by an attacker to launch a denial-of-service attack against websites using affected products. The Ruby...

VulnCheck KEV: CVE-2010-3332

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services IIS, provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State aka...

Microsoft .NET Framework / Silverlight类继承限制漏洞(MS11-078)

CVE ID: CVE-2011-1508 .NET Framework是用于Windows的新托管代码编程模型，用于构建具有视觉上引人注目的用户体验的应用程序，实现跨技术边界的无缝通信，并且能支持各种业务流程。Silverlight 是一种新的 Web 呈现技术，能在各种平台上运行。 Microsoft .NET Framework和Microsoft Silverlight在类继承的实现上存在安全漏洞，恶意用户可通过特制的网页利用此漏洞控制用户系统。要成功利用，需要浏览器可以运行XBAPs或Silverlight应用程序。 Microsoft .NET Framework 4.x...

CVE-2011-1253

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, 3 a crafted .NE...

Design/Logic Flaw

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, 3 a crafted .NE...

CVE-2011-1253

Microsoft .NET Framework and Silverlight remote code execution vulnerability (CVE-2011-1253) arises from improper restriction of class inheritance. Affected: .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, 4, and Silverlight 4 prior to 4.0.60831. Impact: remote attackers can execute arbitrary co...

CVE-2011-1253

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, 3 a crafted .NE...

Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)

This host is missing a critical security update according to Microsoft Bulletin MS11-078. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Patches 22 Security Holes, 12 Highly Exploitable, in October

Microsoft released eight security updates on Tuesday, repairing 22 security holes in its October patch release, with 12 of the 22 described as “consistently exploitable” by the company. The October patch release includes two bulletins that Microsoft rated “critical” to patch holes. The two...

Microsoft Releases October Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Silverlight, Forefront United Access Gateway, and Microsoft Host Integration Server as part of the Microsoft Security Bulletin Summary for October 2011. These vulnerabilities may all...

PT-2011-2991 · Microsoft · .Net Framework +1

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 Silverlight versions prior to 4.0.60831 Description: A remote code execution issue exists due to improper restriction of inheritance within classes. This allows remote...

Microsoft Silverlight & .NET Framework Inheritance Restriction Remote Code Execution Vulnerability

Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...

MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930)

The remote Windows host is running a version of the Microsoft .NET Framework or Silverlight 4 that improperly restricts inheritance within classes. A remote attacker could exploit this issue by tricking a user into viewing a specially crafted web page, resulting in arbitrary code execution. C...

Microsoft to Ship 8 Bulletins in October

Microsoft is set to release eight bulletins in the October edition of Patch Tuesday. Two of the bulletins are rated as critical while the remaining six were given important ratings. The critically affected software includes Microsoft .NET Framework, Microsoft Silverlight, Microsoft Windows, and...