Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:.net_framework:1.0:sp1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-2085 |
The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter. Published: May 27, 2010; 3:00:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2006-1510 |
Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method. Published: March 29, 2006; 8:06:00 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2006-1511 |
Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name. Published: March 29, 2006; 8:06:00 PM -0500 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2005-0509 |
Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". Published: March 14, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |