Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-1459
HistoryMay 27, 2010 - 12:00 a.m.

CVE-2010-1459

2010-05-2700:00:00
ubuntu.com
ubuntu.com
9

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

71.8%

JSON

The default configuration of ASP.NET in Mono before 2.6.4 has a value of
FALSE for the EnableViewStateMac property, which allows remote attackers to
conduct cross-site scripting (XSS) attacks, as demonstrated by the
__VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchmono< 2.4.4~svn151842-1ubuntu4.1UNKNOWN

Related

openvas 19
nessus 7
fedora 9
github 1
cve 1
debiancve 1
prion 1
osv 1
openvas
openvas
Fedora Update for gnome-sharp FEDORA-2010-10332
2010-07-16 00:00:00
Fedora Update for mono-basic FEDORA-2010-10332
2010-07-16 00:00:00
Fedora Update for mono-basic FEDORA-2010-10332
2010-07-16 00:00:00
nessus
nessus
Fedora 13 : gnome-sharp-2.24.1-1.fc13 / gtksourceview-sharp-2.0.12-11.fc13 / libgdiplus-2.6.4-1.fc13 / etc (2010-10332)
2010-07-14 00:00:00
SuSE 11 / 11.1 Security Update : mono-core / Mono (SAT Patch Numbers 2326 / 2474)
2010-12-02 00:00:00
openSUSE Security Update : bytefx-data-mysql (openSUSE-SU-2010:0342-1)
2010-07-01 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: gnome-sharp-2.24.1-1.fc13
2010-07-13 07:47:49
[SECURITY] Fedora 13 Update: libgdiplus-2.6.4-1.fc13
2010-07-13 07:47:49
[SECURITY] Fedora 13 Update: xsp-2.6.4-1.fc13
2010-07-13 07:47:49
github
github
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
2022-05-02 06:22:59
cve
cve
CVE-2010-1459
2010-05-27 19:00:00
debiancve
debiancve
CVE-2010-1459
2010-05-27 19:00:00
prion
prion
Cross site scripting
2010-05-27 19:00:00
osv
osv
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
2022-05-02 06:22:59

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

71.8%

JSON
Related for UB:CVE-2010-1459
openvas19nessus7fedora9github1cve1debiancve1prion1osv1