|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
.NET Framework contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to ASP.NET not properly sanitizing URLs, which may allow an attacker to gain unauthorized access to files.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Confidentiality
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
OSVDB:
Web Related
|
|
Solution |
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.
|
|
Products |
|
.NET Framework
 |
2.0 |
|
|
|
|
|
|
Credit |
- Urs Eichmann - PRISMA Informatik
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|