Microsoft ASP.NET AutoPostBack Variable Cross-Site Scripting Vulnerability

Bugtraq ID: 20337
Class: Input Validation Error
CVE: CVE-2006-3436
Remote: Yes
Local: No
Published: Oct 10 2006 12:00AM
Updated: Oct 13 2006 05:09PM
Credit: Jaswinder Hayre discovered this vulnerability.
Vulnerable: Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows 2000 Server SP4
Microsoft .NET Framework 2.0
Not Vulnerable: Microsoft .NET Framework 1.1 SP3
Microsoft .NET Framework 1.1 SP2
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.0 SP3
Microsoft .NET Framework 1.0 SP2
Microsoft .NET Framework 1.0 SP1
Microsoft .NET Framework 1.0


 

Privacy Statement
Copyright 2010, SecurityFocus