NUEVA VULNERABILIDAD, Microsoft .NET Framework ASP.NET Padding Oracle Information Disclosure Vulnerability
Posted: 21/9/10 by komz in Etiquetas: microsoft, Microsoft ASP.NET, Vulnerabilidades, zero day vulnerability
0
Microsoft .NET Framework is prone to an information-disclosure vulnerability that affects ASP.NET.
Successful exploits will allow attackers to decrypt and gain access to potentially sensitive data encrypted by the server or read data from arbitrary files within an ASP.NET application. Obtained information may aid in further attacks.
This issue affects Microsoft .NET Framework versions 4.0 and prior.
REFERENCIA DE LA VULNERABILIDAD
OTRA REFERENCIA
Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.
fuente: securityfocus.com