Microsoft Security BulletinUnchecked Buffer in ASP.NET Worker Process. | |
Download |
Microsoft Security Bulletin Ranking & Summary
Advertisement
- License:
- Update
- Publisher Name:
- Microsoft
- Publisher web site:
- http://www.microsoft.com/
- Operating Systems:
- Windows 2000, Windows NT, Windows XP
- File Size:
- 1.14MB
Microsoft Security Bulletin Tags
Microsoft Security Bulletin Description
From Microsoft: Who should read this bulletin: Customers operating web servers running ASP.NET applications. Impact of vulnerability: Denial of Service, Potentially Run Code of Attacker's Choice. Maximum Severity Rating: Moderate Recommendation: Customers using StateServer mode should apply the patch. Customers who do not use StateServer mode need not take any action. Affected Software: Microsoft .NET Framework version 1.0, of which ASP.NET is a component. When working with Microsoft ASP.NET, a component of the Microsoft .NET Framework provides for session state management through a variety of modes. One such mode, called StateServer, stores session state information in a separate running process that can run on either the same machine as the ASP.NET-based application or on a different machine. An unchecked buffer in one of the routines handles the processing of cookies in StateServer mode, resulting in a security vulnerability.
Microsoft Security Bulletin Related Software