Microsoft .NET Framework ASP.NET Forms Authentication Bypass Vulnerability
22 Mar. 2012
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."
Microsoft .NET Framework is prone to a authentication-bypass vulnerability in ASP.NET.
An attacker can exploit this issue to gain unauthorized access to another users account. Successful exploits will allow attackers to execute arbitrary commands with the privileges of the targeted user.
Microsoft has issued an update to correct this vulnerability