This host is missing an important security update according to Microsoft advisory (2905247).
Successful exploitation will allow remote attackers to use specially crafted HTTP content to inject code to be run in the context of the service account on the ASP.NET server. Impact Level: System/Application
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/advisory/2905247
Flaw is due to the view state that exists when Machine Authentication Code (MAC) validation is disabled through configuration settings.
Microsoft .NET Framework versions 1.1, 2.0, 3.5, 3.5.1, 4.0, 4.5 and 4.5.1
Get the vulnerable file version and check appropriate patch is applied or not.
- PuTTY window title escape character arbitrary command execution
- Microsoft's SQL Hello Overflow
- MS Windows Help and Support Center Remote Code Execution Vulnerability
- Microsoft Windows2k3 Active Directory 'BROWSER ELECTION' Buffer Overflow Vulnerability
- Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability