Vulnerability in Microsoft Windows_7
CVE-2011-3417
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obta…
EPSS: 0.628 (98.4th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Windows_7
- Microsoft Windows_server_2003
- Microsoft Windows_server_2008 — versions r2
- Microsoft Windows_vista
- Microsoft Windows_xp — versions sp3
- N/a — versions n/a
Weakness classification (CWE)
References
- TA11-347A (US Government Resource, x_refsource_CERT, third-party-advisory)
- MS11-100 (x_refsource_MS, vendor-advisory)
- 51203 (vdb-entry, x_refsource_BID)
- oval:org.mitre.oval:def:14625 (x_refsource_OVAL, signature, vdb-entry)