cve-2010-3332

About this tag
CVE-2010-3332, also known as the ASP.NET Padding Oracle Vulnerability, was a security issue in Microsoft's ASP.NET framework that could allow information disclosure. Microsoft released Security Advisory 2416728 and later security bulletin MS10-070 to address this vulnerability. The advisory provided details about the issue and offered workarounds, such as enabling UrlScan or Request Filtering rules and configuring custom error pages. The security update was made available for download to fully resolve the vulnerability. This tag covers discussions and updates related to CVE-2010-3332, including the advisory revisions and the eventual patch release.
  1. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -

    Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue...
  2. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -

    Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue...
  3. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure

    Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletinSummary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue, including...
  4. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -

    Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue...
  5. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure

    Revision Note: V1.2 (September 24, 2010): Added an entry to the FAQ to announce a revision to the workaround, "Enable a UrlScan or Request Filtering rule, enable ASP.NET custom errors, and map all error codes to the same error page." Customers who have already applied the workaround should...
Back
Top