Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

microsoft asp.net 3.5 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2010-2088
ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote malicious users to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter.
Microsoft Asp.net 3.5
5.5
CVSSv3
CVE-2018-8356
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Fr...
Microsoft .net Framework 3.0Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.5.2Microsoft .net Framework 4.6Microsoft .net Framework 4.6.2Microsoft .net Framework 4.7Microsoft .net Framework 4.7.1Microsoft .net Framework 4.7.2Microsoft .net Framework 4.6.1Microsoft Powershell Core 6.1Microsoft Powershell Core 6.0Microsoft .net Core 2.0Microsoft .net Core 1.0Microsoft .net Core 1.1Microsoft .net Framework Developer Pack 4.7.2Microsoft Asp.net Core 1.0Microsoft Asp.net Core 1.1Microsoft Asp.net Core 2.0
NA
CVE-2010-3332
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote malicious users to decrypt and modify encrypted Vie...
Microsoft .net Framework 1.1Microsoft .net Framework 2.0Microsoft .net Framework 3.5Microsoft .net Framework 3.5.1Microsoft .net Framework 4.0
NA
CVE-2011-1977
The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote malicious users to read arbitrary files via special characters in a URI in an HTTP request, aka "Ch...
Microsoft .net Framework 4.0Microsoft Chart Control For Microsoft .net Framework 3.5
NA
CVE-2010-3958
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (...
Microsoft .net Framework 4.0Microsoft .net Framework 3.5.1Microsoft .net Framework 2.0Microsoft .net Framework 3.5
NA
CVE-2009-1536
ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote malicious users to cause a denial of service (daemon outage) via a series of crafted HTTP...
Microsoft .net Framework 3.5Microsoft Windows Vista -Microsoft .net Framework 2.0Microsoft Windows Server 2008 -Microsoft Windows Vista
NA
CVE-2011-1271
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent malicious users to bypass intended access restrictions, and consequent...
Microsoft .net Framework 4.0Microsoft .net Framework 3.5.1Microsoft .net Framework 2.0Microsoft .net Framework 3.5
8.8
CVSSv3
CVE-2023-36899
ASP.NET Elevation of Privilege Vulnerability
Microsoft .net Framework 4.8Microsoft .net Framework 4.6.2Microsoft .net Framework 4.7Microsoft .net Framework 4.7.1Microsoft .net Framework 4.7.2Microsoft .net Framework 3.5Microsoft .net Framework 4.8.1Microsoft .net Framework 2.0
NA
CVE-2011-0664
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 prior to 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML b...
Microsoft .net Framework 4.0Microsoft .net Framework 3.5.1Microsoft .net Framework 2.0Microsoft .net Framework 3.5Microsoft Silverlight 4.0.60310.0
8.8
CVSSv3
CVE-2023-36560
ASP.NET Security Feature Bypass Vulnerability
Microsoft .net Framework 2.0Microsoft .net Framework 3.0Microsoft .net Framework 3.5Microsoft .net Framework 4.6.2Microsoft .net Framework 4.7Microsoft .net Framework 4.7.1Microsoft .net Framework 4.7.2Microsoft .net Framework 4.8Microsoft .net Framework 4.8.1Microsoft .net Framework 3.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook