[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

127571

 
 

909

 
 

105400

 
 

152

Paid content will be excluded from the download.


Download | Alert*
OVAL

ASP.NET Core Spoofing Vulnerability - CVE-2019-1075

ID: oval:org.secpod.oval:def:57357Date: (C)2019-07-11   (M)2019-07-18
Class: VULNERABILITYFamily: windows




A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect. An attacker who successfully exploited the vulnerability could redirect a targeted user to a malicious website. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. The update addresses the vulnerability by correcting how ASP.NET Core parses URLs.

Platform:
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Product:
Microsoft ASP .NET core 2.1
Microsoft ASP .NET core 2.2
Microsoft .NET core runtime 2.1
Microsoft .NET core runtime 2.2
Reference:
CVE-2019-1075
CVE    1
CVE-2019-1075
CPE    8
cpe:/a:microsoft:.net_core:2.1:::x64
cpe:/a:microsoft:.net_core:2.1:::x86
cpe:/a:microsoft:asp_.net_core:2.1:::x64
cpe:/a:microsoft:asp_.net_core:2.1:::x86
...

© SecPod Technologies