Microsoft Security Bulletin MS05-004 Network Vulnerability

Summary

A canonicalization vulnerability exists in ASP.NET that could allow an attacker to bypass the security of an ASP.NET Web site and gain unauthorized access. An attacker who successfully exploited this vulnerability could take a variety of actions, depending on the specific contents of the website.

Solution

Microsoft has released a patch to correct this issue, you can download it from the following web site: http://www.microsoft.com/technet/security/Bulletin/MS05-004.mspx

Severity

Classification

CVE CVE-2004-0847

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Microsoft .NET Framework Privilege Elevation Vulnerability (2958732)
Microsoft Antimalware Client Privilege Elevation Vulnerability (2823482)
Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
Microsoft Group Policy Remote Code Execution Vulnerability (3000483)
Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)

Take action and discover your vulnerabilities