CVE-2010-3332 : Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Intern

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State (aka __VIEWSTATE) form data, and possibly forge cookies or read application files, via a padding oracle attack, aka "ASP.NET Padding Oracle Vulnerability."

Published 2010-09-22 19:00:06

Updated 2020-11-23 19:50:12

Source Microsoft Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2010-3332

Probability of exploitation activity in the next 30 days: 96.93%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-3332

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:P/A:N	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2010-3332

CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-3332

http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx

Understanding the ASP.NET Vulnerability – Microsoft Security Response Center
Vendor Advisory
http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310

Threatpost | The first stop for security news
Third Party Advisory
http://securitytracker.com/id?1024459

Microsoft ASP.NET Padding Oracle Attack Lets Remote Users Decrypt Data - SecurityTracker
Third Party Advisory;VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070

Microsoft Security Bulletin MS10-070 - Important | Microsoft Docs
Patch;Vendor Advisory
http://www.troyhunt.com/2010/09/fear-uncertainty-and-and-padding-oracle.html

Troy Hunt: Fear, uncertainty and the padding oracle exploit in ASP.NET
Exploit;Third Party Advisory
http://www.vupen.com/english/advisories/2010/2751

Webmail | OVH- OVH
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2429

Webmail | OVH- OVH
Third Party Advisory
http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx

ScottGu's Blog - Important: ASP.NET Security Vulnerability
Mitigation;Third Party Advisory
http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-microsoft-aspnet-security

Security researchers 'destroy' Microsoft ASP.NET security | TheINQUIRER
Third Party Advisory
http://twitter.com/thaidn/statuses/24832350146

Twitter / ?
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/61898

Microsoft ASP.NET padding information disclosure CVE-2010-4007 Vulnerability Report
Third Party Advisory;VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12365

Repository / Oval Repository
Third Party Advisory
http://www.ekoparty.org/juliano-rizzo-2010.php

ekoparty security conference
Broken Link
http://www.mono-project.com/Vulnerabilities#ASP.NET_Padding_Oracle

Vulnerabilities | Mono
Exploit;Third Party Advisory
http://isc.sans.edu/diary.html?storyid=9568

InfoSec Handlers Diary Blog - Microsoft Security Advisory for ASP.NET
Third Party Advisory
http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryId/2799/Oracle-Padding-Vulnerability-in-ASP-NET.aspx

Oracle Padding Vulnerability in ASP.NET > DNN Software
Third Party Advisory
http://www.securityfocus.com/bid/43316

Microsoft .NET Framework ASP.NET Padding Oracle Information Disclosure Vulnerability
Third Party Advisory;VDB Entry
http://pentonizer.com/general-programming/aspnet-poet-vulnerability-what-else-can-i-do/

ASP.NET POET Vulnerability - What Else Can I Do? : The Penton-izer
Third Party Advisory
http://www.microsoft.com/technet/security/advisory/2416728.mspx

Technical documentation, API, and code examples | Microsoft Docs
Broken Link

Products affected by CVE-2010-3332

Microsoft » .net Framework » Version: 1.1 Update SP1
cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A
Microsoft » .net Framework » Version: 2.0 Update SP2
cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A
Microsoft » .net Framework » Version: 2.0 Update SP1
cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A
Microsoft » .net Framework » Version: 3.5 Update SP1
cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A
Microsoft » .net Framework » Version: 3.5.1
cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A
Microsoft » .net Framework » Version: 3.5
cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A
Microsoft » .net Framework » Version: 4.0
cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Internet Information Services » Version: N/A

Vulnerability Details : CVE-2010-3332

Exploit prediction scoring system (EPSS) score for CVE-2010-3332

CVSS scores for CVE-2010-3332

CWE ids for CVE-2010-3332

References for CVE-2010-3332

Products affected by CVE-2010-3332