|
|
|||
| Rule General Information |
|---|
| Release Date: | 2016-01-04 | |
| Rule Name: | Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (CVE-2011-1977) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information Disclosure Vulnerability." | |
| Impact: | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. | |
| Affected OS: | Windows | |
| Reference: | http://www.microsoft.com/technet/security/Bulletin/MS11-066.mspx |
|
| Solutions |
|---|
| Microsoft has released a patch MS11-066 to eliminate the vulnerability. The patch can be downloaded at http://www.microsoft.com/technet/security/Bulletin/MS11-066.mspx |