Vulnerability Details CVE-2005-1664
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.197
EPSS Ranking 95.2%
CVSS Severity
CVSS v2 Score 6.4
References
- http://marc.info/?l=bugtraq&m=111513127704270&w=2
- http://marc.info/?l=bugtraq&m=111532887612517&w=2
- http://scottonwriting.net/sowblog/posts/3747.aspx
- http://secunia.com/advisories/15241
- http://www.osvdb.org/16196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20409
- http://marc.info/?l=bugtraq&m=111513127704270&w=2
- http://marc.info/?l=bugtraq&m=111532887612517&w=2
- http://scottonwriting.net/sowblog/posts/3747.aspx
- http://secunia.com/advisories/15241
- http://www.osvdb.org/16196
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20409