I found ASP.NET Padding Oracle Vulnerability on http://www.pidgin.im
mohammed al-saggaf
mohammed.sec2010 at gmail.com
Fri Mar 29 08:06:11 EDT 2013
Hi admin;
I am security and I found ASP.NET Padding Oracle Vulnerability on
http://www.pidgin.im that ASP.Net uses encryption to hide sensitive data
and protect it from tampering by the client. However, a vulnerability in
the ASP.Net encryption implementation can allow an attacker to decrypt and
tamper with this data. This vulnerability exists in all versions of ASP.NET
.
How to fix this vulnerability?
You should apply the Microsoft patch MS10-070 linked in the Web references
section.
if you have any questions , send it in this email
my name is mohammed al-saggaf
thanks...........
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20130329/9cf0aa0b/attachment-0002.html>
More information about the Support
mailing list