Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Microsoft KB
Microsoft KBadded 2018/04/24 7:15 p.m.136 views

MS07-040: Vulnerabilities in the .NET Framework could allow remote code execution

Resolves three privately reported vulnerabilities. Two of these vulnerabilities could allow remote code execution on client systems that have the .NET Framework installed. One could allow information disclosure on Web servers that are running ASP.NET.INTRODUCTIONMicrosoft has released security...

9.3CVSS7.2AI score0.81926EPSS
Exploits2
NVD
NVDadded 2008/08/27 8:41 p.m.17 views

CVE-2008-3843

Request Validation aka the ValidateRequest filters in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a query string containing a "/" less-th...

4.3CVSS5.7AI score0.11666EPSS
Exploits0References6
Prion
Prionadded 2008/08/27 8:41 p.m.16 views

Cross site scripting

Request Validation aka the ValidateRequest filters in ASP.NET in Microsoft .NET Framework with the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a query string containing a "/" less-th...

4.3CVSS5.8AI score0.11666EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2008/08/27 8:0 p.m.16 views

CVE-2008-3842

Request Validation aka the ValidateRequest filters in ASP.NET in Microsoft .NET Framework without the MS07-040 update does not properly detect dangerous client input, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by a query string containing a "/"...

5.8AI score0.11493EPSS
Exploits0References4
CVE
CVEadded 2008/08/27 8:0 p.m.69 views

CVE-2008-3843

CVE-2008-3843 describes a bypass of ASP.NET Request Validation (ValidateRequest filters) in the Microsoft .NET Framework when MS07-040 is installed. The vulnerability arises from the framework failing to properly detect dangerous input, enabling cross-site scripting (XSS) via crafted client data,...

4.3CVSS5.7AI score0.11666EPSS
Exploits0References6Affected Software1
securityvulns
securityvulnsadded 2007/07/10 12:0 a.m.105 views

Microsoft Security Bulletin MS07-040 - Critical Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)

Microsoft Security Bulletin MS07-040 - Critical Vulnerabilities in .NET Framework Could Allow Remote Code Execution 931212 Published: July 10, 2007 Version: 1.0 General Information Executive Summary This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could...

9.3CVSS2.4AI score0.81926EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2007/07/10 12:0 a.m.158 views

MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)

The remote host is running a version of the ASP.NET framework that contains multiple vulnerabilities : - A PE Loader vulnerability could allow an attacker to execute arbitrary code with the privileges of the logged-on user. - An ASP.NET NULL byte termination vulnerability could allow an attacker ...

9.3CVSS6.1AI score0.81926EPSS
Exploits2References5
Rows per page
Query Builder