Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3415

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-3415
Last Modified 30 Dec 2013 11:10:15
Published 29 Dec 2011 08:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3415

Summary

Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka "Insecure Redirect in .NET Form Authentication Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 7 -

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Vista

  • Microsoft Windows Vista -

  • Microsoft Windows Xp

  • Microsoft Windows Xp Sp3


References

MS - MS11-100

BID - 51202

JVNDB - JVNDB-2011-003557

JVN - JVN#71256611

Related Patches

MS11-100 2638420 2656358 Security Update for .NET Framework 1.1 SP1 for Windows 2003

MS11-100 2638420 2657424 Security Update for .NET Framework 3.5 SP1 (All Languages)

MS11-100 2638420 2656355 2656356 Security Update for .NET Framework 3.5.1 (All Languages) (Rev 2)

MS11-100 2638420 2656351 Security Update for .NET Framework 4.0 (All Languages) (Rev 3)

MS11-100 2638420 2656352 2656362 Security Update for .NET Framework 2.0 SP2 (All Languages)

MS11-100 Security Update for Microsoft .NET Framework 3.5 SP1 on Win XP, Server 2003, Vista, Server 2008 x86 (KB2657424)

MS11-100 Security Update for .NET Framework 3.5 SP1 on Win XP, Server 2003, Vista and Server 2008 for x64 (KB2657424)

MS12-035 MS11-100 2693777 2638420 2656353 Security Update for .NET Framework 1.1 SP1 (All Languages) (See Notes) (Rev 2)


Last Updated: 27 May 2016 10:57:58