KLA10614
Code injection vulnerability in Microsoft ASP.NET MVC
Обновлено: 17/06/2019
Дата обнаружения
14/10/2014
Уровень угрозы
Warning
Описание

XSS vulnerability was found in ASP.NET MVC. By exploiting this vulnerability malicious users can inject arbitrary script. This vulnerability can be exploited remotely via a specially designed web page.

Пораженные продукты

Microsoft ASP.NET NVC versions 2.0, 3.0, 4.0, 5.0 and 5.1

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2014-4075
Оказываемое влияние
?
CI 
[?]
Связанные продукты
Microsoft ASP.NET MVC
CVE-IDS
CVE-2014-40754.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

2993937
2990942
2993939
2993928
2994397
2992080