Microsoft .NET Framework Information Disclosure Vulnerability

Last Update Date: 15 Apr 2015 15:00 Release Date: 15 Apr 2015 3200 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An information disclosure vulnerability exists in ASP.NET that is caused when ASP.NET improperly handles certain requests on systems that have custom error messages disabled. An attacker who successfully exploited the vulnerability would be able to view parts of a web configuration file, which could expose sensitive information.

Impact

  • Information Disclosure

System / Technologies affected

  • Microsoft .NET Framework 1.1 Service Pack 1
  • Microsoft .NET Framework 2.0 Service Pack 2
  • Microsoft .NET Framework 3.5
  • Microsoft .NET Framework 3.5.1
  • Microsoft .NET Framework 4
  • Microsoft .NET Framework 4.5/4.5.1/4.5.2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Active Directory Federation Services Information Disclosure Vulnerability

15 Apr 2015 3278 Views

Next

Microsoft Windows Hyper-V Denial of Service Vulnerability

15 Apr 2015 3302 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY