When working with Microsoft ASP.NET, a component of the Microsoft .NET Framework provides for session state management through a variety of modes. One such mode, called StateServer, stores session state information in a separate running process that can run on either the same machine as the ASP.NET-based application or on a different machine. An unchecked buffer in one of the routines handles the processing of cookies in StateServer mode, resulting in a security vulnerability.
|File Size||1.18 MB|
|Operating System||Windows NT Windows 2000 Windows XP Windows|
|System Requirements||Windows NT/2000/XP|