=====================================================================
CERT-Renater Information Note No. 2014/VULN219
_____________________________________________________________________
DATE : 15/10/2014
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running ASP.NET MVC version 2, 3, 4, 5, 5.1.
======================================================================

https://technet.microsoft.com/library/security/ms14-059
______________________________________________________________________

MS14-059
Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass

Version: 1.0
Published Date: October 14, 2014

General Information

Executive Summary

This security update resolves a publicly disclosed vulnerability in ASP.NET MVC. The vulnerability could allow security feature bypass if an attacker convinces a user to click a specially crafted link or to visit a webpage that contains specially crafted content designed to exploit the vulnerability.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through a web browser, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes them to the attacker's website, or by getting them to open an attachment sent through email.

This security update is rated Important for ASP.NET MVC 2, ASP.NET MVC 3, ASP.NET MVC 4, ASP.NET MVC 5, and ASP.NET MVC 5.1.

Affected Software

ASP.NET MVC 2.0
ASP.NET MVC 3.0
ASP.NET MVC 4.0
ASP.NET MVC 5.0
ASP.NET MVC 5.1

Vulnerability Information

MVC XSS Vulnerability - CVE-2014-4075

A cross-site scripting (XSS) vulnerability exists in ASP.NET MVC that could allow an attacker to inject a client-side script into the user's web browser. The script could spoof content, disclose information, or take any action that the user could take on the site, on behalf of the targeted user. To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2014-4075.

=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44             +
+ 23 - 25 Rue Daviel  | fax : 01-53-94-20-41             +
+ 75013 Paris         | email: cert@support.renater.fr   +
==========================================================