4.3

CVE-2006-7192

Microsoft ASP .NET Framework 2.0.50727.42 does not properly handle comment (/* */) enclosures, which allows remote attackers to bypass request filtering and conduct cross-site scripting (XSS) attacks, or cause a denial of service, as demonstrated via an xss:expression STYLE attribute in a closing XSS HTML tag.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft.Net Framework Version2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 22.81% 0.974
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/35269
http://securityreason.com/securityalert/2530
http://www.cpni.gov.uk/docs/re-20061020-00710.pdf
http://www.procheckup.com/Vulner_PR0703.php
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/464796/100/0/threaded
http://www.securityfocus.com/bid/20753