4 matches found
CVE-2010-2084
Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits from HtmlContainerControl, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to an attribute...
Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF1 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries...
Microsoft ASP.NET 2.0 InnerHtml属性远程跨站脚本漏洞
CVE ID: CVE-2010-2084 ASP.NET是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。 大多数ASP.NET控件都是从HtmlContainerControl继承的,而ASP.NET 2.0没有禁止对其设置InnerHtml属性,这可能导致跨站脚本攻击。 Microsoft ASP.NET 2.0 厂商补丁: Microsoft --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/technet/security/...
CVE-2010-2084
CVE-2010-2084 affects Microsoft ASP.NET 2.0. The vulnerability arises because InnerHtml can be set on controls inheriting from HtmlContainerControl, enabling remote XSS via attribute-related vectors. Documented impacts are limited to XSS; no exploit or patch/version details are provided in the su...