CVE-2010-1459
Description
The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project.
Risk Information
Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.41
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2010-1459 are fixed in Nuget - mono 2.6.4 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.0.5 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.0 | Windows |
| Vulnerabilities CVE-2006-5072,CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.0 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.13 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.13.4 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.13.6 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.13.7 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.17 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.17.1 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.18 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.4 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.1.8.3 | Windows |
| Multiple Vulnerabilities are affected in Mono for Windows 1.2.5.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.0.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.0.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.0.4 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.0.6 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.10 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.10.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.11 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.12 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.12.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.13.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.13.5 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.13.8 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.13.8.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.14 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.15 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.16 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.16.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.17.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.3 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.5 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.6 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.7 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.8 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.8.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.9 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.9.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.1.9.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.2.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.3 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.3.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.4 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.5 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.5.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.2.6 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.9 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 1.9.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.0.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.4 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.4.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.4.2.1 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.4.2.2 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.4.2.3 | Windows |
| Vulnerabilities CVE-2010-1459,CVE-2010-4159 are affected in Mono for Windows 2.4.3 | Windows |
| Mono is a platform for running and developing applications (USN-1517-1) libmono-system-web2.0-cil_2.10.8.1-1ubuntu2.3_all.deb | Linux |
| Mono is a platform for running and developing applications (USN-1517-1) libmono-system-web4.0-cil_2.10.8.1-1ubuntu2.3_all.deb | Linux |
| Vulnerabilities CVE-2010-1459 are fixed in Nuget - mono for Linux 2.6.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234