virus logo Intrusion Prevention

MS.ASP.NET.Padding.Oracle.Information.Disclosure

description-logoDescription

This indicates an attack attempt against an information-disclosure vulnerability in Microsoft ASP.NET.
This vulnerability allows remote attackers to successfully decrypt data that have been encrypted by the vulnerable server.

affected-products-logoAffected Products

Microsoft .NET Framework 4.0 and prior versions

Impact logoImpact

Information Disclosure

recomended-action-logoRecommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/advisory/2416728.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-07-06 21.351 Sig Added
2020-12-21 16.983 Name:MS.
ASP.
NET.
Information.
Disclosure:MS.
ASP.
NET.
Padding.
Oracle.
Information.
Disclosure

References

http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx
ID 24464
Created Sep 22, 2010
Updated Jul 06, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2010-3332
Exploit Prediction Score 96.93%
Default Action drop
Active
Affected OS Windows
Affected App Other