Microsoft .NET Framework ASP.NET Forms Security Bypass Vulnerability (CVE-2011-3416)
Severity: : High
CVE Kennungen: : CVE-2011-3416,MS11-100
Advisory Date: 21 de июля de 2015
DESCRIPTION
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Name: 1006143 - Microsoft .NET Framework ASP.NET Forms Security Bypass Vulnerability (CVE-2011-3416)
AFFECTED SOFTWARE AND VERSION:
- microsoft windows_7 -
- microsoft windows_server_2003
- microsoft windows_server_2008
- microsoft windows_server_2008 -
- microsoft windows_server_2008 r2
- microsoft windows_vista
- microsoft windows_vista -
- microsoft windows_xp
- microsoft windows_xp sp3