VULHUB ™

Microsoft's ASP.NET is a collection of technology. ASP.NET supports a range of common HTTP tasks, including the ability to maintain session state through the usage of client cookies. This may be accomplished through the use of ASP.NET's StateServer mode, in which state information is stored in a separate server process. The StateServer process suffers from a buffer overflow vulnerability when processing large cookie data. Exploitation may lead to a denial of service condition. It may be possible to execute arbitrary code as the server process, this has not however been confirmed.

Microsoft's ASP.NET is a collection of technology. ASP.NET supports a range of common HTTP tasks, including the ability to maintain session state through the usage of client cookies. This may be accomplished through the use of ASP.NET's StateServer mode, in which state information is stored in a separate server process. The StateServer process suffers from a buffer overflow vulnerability when processing large cookie data. Exploitation may lead to a denial of service condition. It may be possible to execute arbitrary code as the server process, this has not however been confirmed.