CVE-2005-0452

CVE Database · CVE-2005-0452

CVE-2005-0452

· N/AModified

CVSS v3.1

N/A

EPSS

23.37%

Published

Feb 16, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".

Affected Products (5)

microsoft · asp.netvulnerable

References (8)

http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml

Vendor Advisory

http://marc.info/?l=bugtraq&m=110867912714913&w=2

http://secunia.com/advisories/14214

Vendor Advisory

http://www.securityfocus.com/bid/12574

Vendor Advisory

http://it-project.ru/andir/docs/aspxvuln/aspxvuln.en.xml

Vendor Advisory

http://marc.info/?l=bugtraq&m=110867912714913&w=2

http://secunia.com/advisories/14214

Vendor Advisory

http://www.securityfocus.com/bid/12574

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs