CVE-2010-3332

Vulnerability Description

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability."

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnVendor Advisory
• http://isc.sans.edu/diary.html?storyid=9568Third Party Advisory
• http://pentonizer.com/general-programming/aspnet-poet-vulnerability-what-else-caThird Party Advisory
• http://secunia.com/advisories/41409Third Party Advisory
• http://securitytracker.com/id?1024459Third Party AdvisoryVDB Entry
• http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-appsThird Party Advisory
• http://twitter.com/thaidn/statuses/24832350146Broken Link
• http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulMitigationThird Party Advisory
• http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryId/2799/Oracle-Padding-Third Party Advisory
• http://www.ekoparty.org/juliano-rizzo-2010.phpBroken Link
• http://www.microsoft.com/technet/security/advisory/2416728.mspxBroken Link
• http://www.mono-project.com/Vulnerabilities#ASP.NET_Padding_OracleExploitThird Party Advisory
• http://www.securityfocus.com/bid/43316Third Party AdvisoryVDB Entry
• http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-miThird Party Advisory
• http://www.troyhunt.com/2010/09/fear-uncertainty-and-and-padding-oracle.htmlExploitThird Party Advisory