CVE Vulnerabilities

CVE-2011-3416

Published: Dec 30, 2011 | Modified: Sep 28, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
8.5 HIGH
AV:N/AC:M/Au:S/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka ASP.Net Forms Authentication Bypass Vulnerability.

Affected Software

Name Vendor Start Version End Version
Windows_vista Microsoft * *
Windows_server_2008 Microsoft * *
Windows_server_2008 Microsoft r2 r2
Windows_xp Microsoft sp3 sp3
Windows_server_2008 Microsoft * *
Windows_7 Microsoft - -
Windows_7 Microsoft - -
Windows_server_2008 Microsoft - -
Windows_xp Microsoft * *
Windows_server_2003 Microsoft * *
Windows_7 Microsoft - -
Windows_vista Microsoft - -
Windows_server_2008 Microsoft - -

References