This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

ASP.NET POET Vulnerability

Revision as of 20:08, 4 October 2010 by Gfedon (talk | contribs) (Not reccomended Fixes (via web.config change))

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page contains details about the ASP.NET POET vulnerability disclosed on 2010-09-17. This vulnerability exists in all versions of ASP.NET (all versions released through 2010-09-18). As of 2010-09-20, there is no fix available to resolve the vulnerability; in the meantime, Microsoft strongly urges all ASP.NET deployments perform the recommended workaround to mitigate the vulnerability in the short-term.


Recommended Fixes

Not recommended Fixes (via web.config change)

Why we do not recommend these workarounds

Blogs, News, Articles

File Access Exploits

discussion Threads