I found ASP.NET Padding Oracle Vulnerability on http://www.pidgin.im
elb at pidgin.im
Fri Mar 29 08:22:46 EDT 2013
Since I can't tell if this is a spam or what (it doesn't have any
bogus links), I'll bite.
mohammed al-saggaf spake unto us the following wisdom:
> I am security and I found ASP.NET Padding Oracle Vulnerability on
> http://www.pidgin.im that ASP.Net uses encryption to hide sensitive data
> and protect it from tampering by the client. However, a vulnerability in
> the ASP.Net encryption implementation can allow an attacker to decrypt and
> tamper with this data. This vulnerability exists in all versions of ASP.NET
We don't use asp.net or Oracle. You're confused.
More information about the Support