4 matches found
CVE-2015-1648
The CVE-2015-1648 issue is an information-disclosure vulnerability in Microsoft .NET Framework’s ASP.NET when customErrors is disabled. The root cause is improper handling/sanitization of errors, allowing remote attackers to trigger requests that reveal parts of web configuration files. Affected ...
Microsoft ASP.NET Information Disclosure (MS15-041; CVE-2015-1648)
An information disclosure vulnerability exists in Microsoft .NET Framework. The vulnerability is due to improper requests sanitization on servers with error messages disabled. A remote attacker can exploit this vulnerability by sending specially crafted requests to the vulnerable server...
KLA10556 Obtain sensitive information vulnerability in .NET Framework
An unspecified vulnerability was found in Microsoft .NET. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed request. Original advisories MS15-041 CVE-2015-1648 Related products...
MS15-041: Vulnerability in .NET Framework Could Allow Information Disclosure (3048010)
The remote Windows host has a version of the Microsoft .NET Framework installed that is affected by an information disclosure vulnerability due to improper handling of requests on web servers that have custom error messages disabled. A remote, unauthenticated attacker can exploit this issue, via ...