Check: 2011-B-0100
windows 7 iavm:
2011-B-0100
(in version v1 r32)
Title
Microsoft ASP.NET Chart Control Information Disclosure Vulnerability (Cat II impact)
Discussion
Microsoft has reported a security vulnerability in Microsoft ASP.NET Chart Control. Microsoft Chart controls enable you to create ASP.NET pages or Windows Forms applications with simple, intuitive, and visually compelling charts for complex statistical or financial analysis. To exploit this vulnerability, an attacker would send a malicious GET request to an affected server hosting the Chart controls. If successfully exploited, this vulnerability would allow an attacker to obtain access to sensitive information. At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD-related incidents.

Chart Control Information Disclosure Vulnerability (CVE-2011-1977): An information disclosure vulnerability exists in the way that Microsoft Chart controls incorrectly handle special characters within a specially crafted URI. An attacker who successfully exploited this vulnerability would be able to read the contents of any file within the web site directory or subdirectories, such as web.config. The web.config file often stores sensitive information. The consequences of the disclosure of that information depend on the nature of the information itself. Note that this vulnerability would not allow an attacker to execute code or to elevate the attacker's user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.

Note: Only web applications using Microsoft Chart Control are affected by this issue. Default installations of the .NET Framework are not affected.
Check Content
See IAVM notice and vendor bulletin for additional information. Microsoft Bulletin MS11-066 (2567943).

Vulnerable Applications/Systems:

Microsoft .NET Framework 4
- Windows XP SP3 [1]
- Windows XP Professional x64 Edition SP2 [1]
- Windows Server 2003 SP2 (x86, x64 and Itanium) [1]
- Windows Vista SP2 (x86 and x64) [1]
- Windows Server 2008 SP2 (x86**, x64** and Itanium) [1]
- Windows 7 and Windows 7 SP1 (x86 and x64) [1]
- Windows Server 2008 R2 and Windows Server 2008 R2 SP1 (x64* and Itanium) [1]

Chart Control for Microsoft .NET Framework 3.5 SP1

*Server Core installation affected.
**Server Core installation not affected.
[1] .NET Framework 4 Client Profile not affected.

Verify that the patch has been installed by checking that the following sample file is at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Systems/Applications not listed below.

System.Web.DataVisualization.dll
- .NET Framework 4, all Windows versions: 4.0.30319.461 or 236
- Chart Control for Microsoft .NET Framework: 3.5.30729.5681
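
The file-version check described above, as an added PowerShell example (not part of the IAVM notice or the vendor bulletin). The function names and the `-Path` parameter are assumptions made for illustration; the baselines are the versions quoted in the check text, and because that text lists two .NET Framework 4 builds without saying which applies, a file that falls between them is reported as `Review`.

```powershell
# Added example: baselines are the file versions quoted in the check text.
function Get-ChartControlStatus {
    param([Parameter(Mandatory = $true)][System.Version]$FileVersion)

    $net4Low  = New-Object System.Version 4, 0, 30319, 236
    $net4High = New-Object System.Version 4, 0, 30319, 461
    $net35    = New-Object System.Version 3, 5, 30729, 5681

    if ($FileVersion.Major -eq 4) {
        if ($FileVersion -ge $net4High) { return 'Patched' }
        if ($FileVersion -lt $net4Low)  { return 'Open' }
        # Meets only the lower of the two figures; the check text does not
        # say which one applies, so leave the decision to the reviewer.
        return 'Review'
    }
    if ($FileVersion.Major -eq 3) {
        if ($FileVersion -ge $net35) { return 'Patched' }
        return 'Open'
    }
    return 'Unknown'
}

function Get-ChartControlPatchStatus {
    # -Path: one or more directories to search (hypothetical parameter;
    # the check text does not name an install location).
    param([Parameter(Mandatory = $true)][string[]]$Path)

    Get-ChildItem -Path $Path -Recurse -Filter 'System.Web.DataVisualization.dll' `
            -ErrorAction SilentlyContinue |
        ForEach-Object {
            $info = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_.FullName)
            # Build the version from the numeric parts; the FileVersion string
            # can carry trailing text that does not parse as a version.
            $ver = New-Object System.Version $info.FileMajorPart, $info.FileMinorPart,
                                             $info.FileBuildPart, $info.FilePrivatePart
            New-Object PSObject -Property @{
                File    = $_.FullName
                Version = $ver
                Status  = Get-ChartControlStatus -FileVersion $ver
            }
        }
}
```

Run `Get-ChartControlPatchStatus -Path` against the directories where the assembly may be deployed, including each web application's `bin` folder, since a privately deployed copy is checked independently of any system-wide one.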
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-29781
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |