I found ASP.NET Padding Oracle Vulnerability on http://www.pidgin.im
mohammed.sec2010 at gmail.com
Fri Mar 29 08:06:11 EDT 2013
I am security and I found ASP.NET Padding Oracle Vulnerability on
http://www.pidgin.im that ASP.Net uses encryption to hide sensitive data
and protect it from tampering by the client. However, a vulnerability in
the ASP.Net encryption implementation can allow an attacker to decrypt and
tamper with this data. This vulnerability exists in all versions of ASP.NET
How to fix this vulnerability?
You should apply the Microsoft patch MS10-070 linked in the Web references
if you have any questions , send it in this email
my name is mohammed al-saggaf
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Support