CVE-2011-1068

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Azure Sdk
Vendor: CVE Published:; 23 February 2011

Summary

Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote attackers to obtain potentially sensitive information by reading an encrypted cookie and performing unspecified other steps.

References

http://secunia.com/advisories/43237

third-party-advisoryx_refsource_SECUNIA

http://blogs.msdn.com/b/windowsazure/archive/2011/02/03/w...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 23, 2011

Collectors

NVD DatabaseMitre Database