About this tag
CVE-2010-3332, also known as the ASP.NET Padding Oracle Vulnerability, was a security issue in Microsoft's ASP.NET framework that could allow information disclosure. Microsoft released Security Advisory 2416728 and later security bulletin MS10-070 to address this vulnerability. The advisory provided details about the issue and offered workarounds, such as enabling UrlScan or Request Filtering rules and configuring custom error pages. The security update was made available for download to fully resolve the vulnerability. This tag covers discussions and updates related to CVE-2010-3332, including the advisory revisions and the eventual patch release.
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -
Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue...- News
- Thread
- 2010 advisory asp.net bulletin complaints cve-2010-3332 extended security updates information information disclosure investigation issues microsoft ms10-070 oracle padding public reports revision note security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -
Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue...- News
- Thread
- advisory asp.net cve-2010-3332 information information disclosure microsoft ms10-070 security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure
Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletinSummary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue, including...- News
- Thread
- advisory asp.net cve-2010-3332 information information disclosure microsoft ms10-070 security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -
Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin Advisory Summary:Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to address this issue. For more information about this issue...- News
- Thread
- advisory asp.net bulletin cve-2010-3332 information information disclosure microsoft security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure
Revision Note: V1.2 (September 24, 2010): Added an entry to the FAQ to announce a revision to the workaround, "Enable a UrlScan or Request Filtering rule, enable ASP.NET custom errors, and map all error codes to the same error page." Customers who have already applied the workaround should...- News
- Thread
- advisory asp.net cve-2010-3332 information disclosure microsoft ms10-070 request filtering security update vulnerability
- Replies: 0
- Forum: Security Alerts