Thursday, July 13, 2006

Time to update .NET 2.0

This Information Disclosure vulnerability could allow an attacker to bypass ASP.Net security and gain unauthorized access to objects in the Application folders explicitly by name. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce useful information that could be used to try to further compromise the affected system.

Microsoft Security Bulletin MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure (917283)

technorati tags:,

No comments: