CVE-2010-1459
Published May 27, 2010
Last updated 14 years ago
Overview
- Description
- The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mono:mono:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B31A3175-7CC6-4367-9A3C-F3324156C818"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3309DF2-A3A7-4016-95D9-ABB4230083FD"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "098D040B-CD80-41A6-A3DF-06C379BCABA6"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "293D8EF8-8A6B-4EBE-B145-C909ADBE32E8"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBB77289-2AED-4BD4-9578-FEB0EC83701E"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA1D2C56-70EA-48F4-A3B3-1080DF8ABC5D"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7E03067-D1B7-427A-8800-A40DDAF466FE"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23B3DD31-D316-422F-A3E4-9C7D85E0F26C"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42E75C91-A3D2-479B-9F3F-B97BC75A5B57"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4299404-6C79-4B21-BB8C-115FA1E3AC28"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "944E7E22-41CA-4E2D-B31A-E602B41C34A0"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9F638AC-EBDC-4886-B798-42D12557573A"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE6384D7-7899-4D7F-B478-BDEDDA415054"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7DEAABB-265B-45B3-8A87-86EB5CCEAE5E"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E1B76E4-C12D-4BC6-8745-1AB5C5F32B53"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "919CAD10-2F17-4F94-8116-815E77F5E998"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F79FC32-28BB-44F7-AA6E-E15B24692483"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0546335-1EEF-4946-8B94-69F91697D511"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D24AC82-5BCE-4D9F-8DF1-24BE6C255553"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1A85E81-0778-46B1-A932-C14B6DC08A68"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82CA587E-7272-4C7C-90D3-D0CCBAA76348"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30593717-0C0E-4F05-8690-4A47CA724C20"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "723D4817-BB5F-4D65-9258-B0E2992F2738"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A986CA3E-05A4-4D42-86E4-A7AA3A20298B"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19877D33-5DBF-40D7-87CB-545558C64771"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29CFCD33-C188-409F-B07A-1F1A064894DD"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F64E7267-E010-4FC8-879A-448C85BC250B"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC4D32E8-B90B-432D-B6A3-5F9DDEECC206"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "683F75A5-E4E4-4416-8E1C-A2C694A30BA3"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBE3CDD7-8553-4CB7-A0A7-B059B4D75B0C"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E7AE533-E1E8-494F-BE86-0BFDF30AD3B1"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.13.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BB26E71-AC67-4B9E-BDAE-835DA8C2C443"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9252266-4293-49E3-9492-67F4AF80335B"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D22A05F-650E-484D-9F78-8C821EA103E0"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0034178B-13CC-43A0-BBBA-988EC558DA5B"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.16.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5014D928-E0E3-4B75-B4B8-44D193446505"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE2C11F2-2A21-481E-8350-F3777A0A8033"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.17.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFC21FA7-648F-4E41-962B-664140FA4812"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.17.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9788C5D4-ECD7-4F2E-BE0F-F4FFE626A3A3"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.1.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9FF02E9-070C-4AAA-ABB7-26FC9E56C7A2"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA4FE4B4-7514-460F-AD14-40184115092A"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AA11C84-3102-429E-951A-698CE023FDB0"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6003FD8-B371-44AE-B565-6205F68117A4"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE1FD98F-ED5D-4247-BC79-1FABC1684557"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87E41880-769F-499E-AFB3-62B78AB765F4"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F5558CC-9D71-472C-B9B5-20481A333AC3"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0895ECCA-B8B3-46BD-9ADE-258AAF205D90"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F3AB679-5630-4F0B-9DF7-D64AFA970D44"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC72C972-FF09-4A5D-9AD4-A422EDADF5AF"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28E60798-6722-4B4F-B06E-7C1E1FDF92EC"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66E14236-3F37-4047-A3EF-32E9923C35FD"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18C24C8F-0967-4C1B-8F19-696707C2064B"
},
{
"criteria": "cpe:2.3:a:mono:mono:1.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D28CEA5-CA8A-4830-A134-1589AD98B334"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B4BB536F-79EB-42AF-B17B-49BE47CFC215"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE2CA7F0-C5ED-450D-BAEE-300E27AAD13D"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A08F0EFF-9F4D-4DD3-BD55-71F34B70648B"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A12EEE2B-E956-4889-9C55-F23968C17E7D"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E59557D-42A7-4189-97DD-45F31DC1AB6D"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA6DFB1E-1DBD-459C-95FE-841253F4F6A6"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.4.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E95734E0-1349-4C3C-9557-ADEEA1014C38"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.4.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFBAA1F5-522B-4357-B9E8-FC15053C75A1"
},
{
"criteria": "cpe:2.3:a:mono:mono:2.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B25BDA5E-E1AB-4C9A-A53B-B8863F2A2A40"
}
],
"operator": "OR"
}
]
}
]