Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1300

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1300
Last Modified 07 Mar 2011 09:32:44
Published 11 Jul 2006 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1300

Summary

Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified "URL paths" that can access Application Folder objects "explicitly by name."

Vulnerable Systems

Application

  • Microsoft .net Framework 2.0


References

BID - 18920

MS - MS06-033

SECTRACK - 1016465

VUPEN - ADV-2006-2751

XF - ms-aspnet-appcode-information-disclosure(26802)

OSVDB - 27153

SECUNIA - 20999


Last Updated: 27 May 2016 10:42:00