ASP.NET ViewState Replay Vulnerability

ASP.NET ViewState Replay Vulnerability

CVE-2005-1664 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties.

Learn more about our Web Application Penetration Testing UK.