What is CVE-2004-0847?

CVE-2004-0847 is a vulnerability in N/a. Published 2004-10-06.

Is CVE-2004-0847 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0847

The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka…

EPSS: 0.528 (98.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

MS05-004 (x_refsource_MS, vendor-advisory)
sourceforge.net/mailarchive/forum.php (x_refsource_MISC)
oval:org.mitre.oval:def:4987 (signature, x_refsource_OVAL, vdb-entry)
TA05-039A (x_refsource_CERT, third-party-advisory)
windows-forms-security-bypass(17644) (vdb-entry, x_refsource_XF)
oval:org.mitre.oval:def:3556 (signature, x_refsource_OVAL, vdb-entry)
VU#283646 (x_refsource_CERT-VN, third-party-advisory)
11342 (vdb-entry, x_refsource_BID)
20040914 Security bug in .NET Forms Authentication (mailing-list, x_refsource_NTBUGTRAQ)

Frequently asked questions

What is CVE-2004-0847?: CVE-2004-0847 is a vulnerability in N/a. Published 2004-10-06.
Is CVE-2004-0847 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.