CVE-2005-1665

UNRATED

Description

The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup.

Affected products

Microsoft / ASP.NET1.0 – 1.0
Microsoft / ASP.NET1.1 – 1.1

References

MAILING_LISThttp://marc.info/?l=bugtraq&m=111513127704270&w=2
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/20408
MISChttp://scottonwriting.net/sowblog/posts/3747.aspx
MISChttp://www.osvdb.org/16195
VENDOR_ADVISORYhttp://secunia.com/advisories/15241

Updated 44m ago · 2 sources