CVE Vulnerabilities

CVE-2005-0452

Published: Feb 16, 2005 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including > and <.

Affected Software

Name Vendor Start Version End Version
Asp.net Microsoft 1.0 (including) 1.0 (including)
Asp.net Microsoft 1.0-sp1 (including) 1.0-sp1 (including)
Asp.net Microsoft 1.0-sp2 (including) 1.0-sp2 (including)
Asp.net Microsoft 1.1 (including) 1.1 (including)
Asp.net Microsoft 1.1-sp1 (including) 1.1-sp1 (including)

References