CVE-2005-0509

Currently unrated

Key Information:

Vendor: Microsoft
Status: .net Framework; Mono
Vendor: CVE Published:; 14 March 2005

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".

References

http://marc.info/?l=bugtraq&m=110867912714913&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/14325

third-party-advisoryx_refsource_SECUNIA

http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml

x_refsource_MISC

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 14, 2005
Vulnerability Reserved
Feb 22, 2005

Collectors

NVD DatabaseMitre Database