Race condition in the NeatUpload ASP.NET component 1.2.11 up to and including 1.2.16, 1.1.18 up to and including 1.1.23, and trunk.379 through trunk.445 allows remote malicious users to obtain other clients' HTTP responses via multiple simultaneous requests, which triggers multiple calls to HttpWorkerRequest.FlushResponse for the same HttpWorkerRequest object and causes a buffer to be reused for a different request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
brettle development neatupload 1.2.12 |
||
brettle development neatupload 1.2.13 |
||
brettle development neatupload 1.1.22 |
||
brettle development neatupload 1.1.23 |
||
brettle development neatupload 1.2.11 |
||
brettle development neatupload trunk.380 |
||
brettle development neatupload trunk.381 |
||
brettle development neatupload 1.1.18 |
||
brettle development neatupload 1.1.19 |
||
brettle development neatupload 1.2.14 |
||
brettle development neatupload 1.2.15 |
||
brettle development neatupload 1.1.20 |
||
brettle development neatupload 1.1.21 |
||
brettle development neatupload 1.2.16 |
||
brettle development neatupload trunk.379 |