Jump to content
Free PC Help Forum
Logging In to Free PC Help Forum Has Changed

MS11-100 - Critical : Vulnerabilities in .NET Framework Could Allow Elevation of Privilege...

Guest Microsoft Security

By Guest Microsoft Security
in Microsoft Support & Discussions

 Share

Recommended Posts

Guest Microsoft Security

Guest Microsoft Security

Posted
Posted

Severity Rating: Critical

Revision Note: V1.1 (December 30, 2011): Added entry to the Update FAQ to address security-related changes to functionality contained in this update and added mitigation for CVE-2011-3414

Summary: This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of these vulnerabilities could allow elevation of privilege if an unauthenticated attacker sends a specially crafted web request to the target site. An attacker who successfully exploited this vulnerability could take any action in the context of an existing account on the ASP.NET site, including executing arbitrary commands. In order to exploit this vulnerability, an attacker must be able to register an account on the ASP.NET site, and must know an existing user name.

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...