Microsoft .NET Framework ASP.NET Padding Oracle Information Disclosure Vulnerability

Bugtraq ID: 43316
Class: Design Error
CVE: CVE-2010-3332
Remote: Yes
Local: No
Published: Sep 17 2010 12:00AM
Updated: Jun 22 2012 12:20AM
Credit: Thai Duong and Juliano Rizzo
Vulnerable: Microsoft SharePoint Services 64-bit 2.0
Microsoft SharePoint Services 3.0 SP2
Microsoft SharePoint Services 3.0 SP1
Microsoft SharePoint Server 2010 Standard Edition 0
Microsoft SharePoint Server 2010 Enterprise Edition 0
Microsoft SharePoint Server 2007 x64 SP2
Microsoft SharePoint Server 2007 x64 SP1
Microsoft SharePoint Server 2007 x64 0
Microsoft SharePoint Server 2007 Standard Edition 0
Microsoft SharePoint Server 2007 Enterprise Edition 0
Microsoft SharePoint Server 2007 SP2
Microsoft SharePoint Server 2007 SP1
Microsoft SharePoint Server 2007 12.0.0.6421
Microsoft SharePoint Server 2007 12.0.0.6318
Microsoft SharePoint Server 2007 0
Microsoft .NET Framework 4.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.0
Microsoft .NET Framework 2.0 SP2
Microsoft .NET Framework 2.0 SP1
Microsoft .NET Framework 2.0
Microsoft .NET Framework 1.1 SP3
Microsoft .NET Framework 1.1 SP2
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.0 SP3
Microsoft .NET Framework 1.0 SP2
Microsoft .NET Framework 1.0 SP1
Microsoft .NET Framework 1.0
Gentoo Linux
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 5
Avaya Messaging Application Server 4
Avaya Messaging Application Server 0
Avaya Meeting Exchange - Webportal 0
Avaya Meeting Exchange - Web Conferencing Server 0
Avaya Meeting Exchange - Streaming Server 0
Avaya Meeting Exchange - Recording Server 0
Avaya Meeting Exchange - Client Registration Server 0
Avaya Communication Server 1000 Telephony Manager 0
Avaya CallPilot Unified Messaging 0
Avaya Aura Conferencing 6.0 Standard
Avaya Aura Conferencing 6.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus