Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:26129
HistoryDec 30, 2011 - 12:00 a.m.

Microsoft .NET Framework表单验证URL存在欺骗漏洞

2011-12-3000:00:00
Root
www.seebug.org
28

0.605 Medium

EPSS

Percentile

97.8%

JSON

BUGTRAQ ID: 51202
CVE ID: CVE-2011-3415

ASP.NET是一套由Microsoft分发的帮助开发者构建基于WEB应用的系统。

Microsoft .NET Framework在表单验证过程中验证返回的URL时存在欺骗漏洞,成功利用此漏洞的攻击者可将用户重定向到恶意站点,然后执行钓鱼攻击,获取用户敏感信息。此漏洞不允许攻击者直接执行代码或提升其用户权限。
0
Microsoft .NET Framework 4.x
Microsoft .NET Framework 3.x
Microsoft .NET Framework 2.x
Microsoft .NET Framework 1.x
厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(ms11-100)以及相应补丁:

ms11-100:Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)

链接:http://www.microsoft.com/technet/security/bulletin/ms11-100.mspx

Related

nvd 1
cve 1
checkpoint_advisories 1
prion 1
jvn 1
cvelist 1
openvas 2
nessus 1
securityvulns 1
nvd
nvd
CVE-2011-3415
2011-12-30 01:55:01
cve
cve
CVE-2011-3415
2011-12-30 01:55:01
checkpoint_advisories
checkpoint_advisories
Microsoft .Net Form Authentication Insecure Redirect (MS11-100; CVE-2011-3415)
2011-12-30 00:00:00
prion
prion
Open redirect
2011-12-30 01:55:00
jvn
jvn
JVN#71256611: ASP.NET vulnerable to open redirect
2013-11-15 00:00:00
cvelist
cvelist
CVE-2011-3415
2011-12-30 01:00:00
openvas
openvas
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
2011-12-30 00:00:00
Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
2011-12-30 00:00:00
nessus
nessus
MS11-100: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2638420)
2011-12-29 00:00:00
securityvulns
securityvulns
Microsoft .Net multiple security vulnerabilities
2012-03-26 00:00:00

0.605 Medium

EPSS

Percentile

97.8%

JSON
Related for SSV:26129
nvd1cve1checkpoint_advisories1prion1jvn1cvelist1openvas2nessus1securityvulns1