Microsoft Security Bulletin Unchecked Buffer in ASP.NET Worker Process.
Download

Microsoft Security Bulletin Ranking & Summary

Microsoft Security Bulletin Tags

Buffer Buffer Manager Buffer Sizer Information Worker Management video buffer worker bidding worker read buffer worker availability buffer maker typeahead buffer

Microsoft Security Bulletin Description

From Microsoft: Who should read this bulletin: Customers operating web servers running ASP.NET applications. Impact of vulnerability: Denial of Service, Potentially Run Code of Attacker's Choice. Maximum Severity Rating: Moderate Recommendation: Customers using StateServer mode should apply the patch. Customers who do not use StateServer mode need not take any action. Affected Software: Microsoft .NET Framework version 1.0, of which ASP.NET is a component. When working with Microsoft ASP.NET, a component of the Microsoft .NET Framework provides for session state management through a variety of modes. One such mode, called StateServer, stores session state information in a separate running process that can run on either the same machine as the ASP.NET-based application or on a different machine. An unchecked buffer in one of the routines handles the processing of cookies in StateServer mode, resulting in a security vulnerability.

Microsoft Security Bulletin Related Software