The host is running Microsoft .NET and is prone to Cross-Site Scripting Vulnerability.
Successful exploitation could allow attackers to conduct cross-site scripting attacks against the form control via the __VIEWSTATE parameter.
Upgrade to Microsoft .NET 1.1 or later, For updates refer to http://www.microsoft.com/downloads/details.aspx?displaylang=en
The flaw is due to error in the default configuration of 'ASP.NET' it has a value of FALSE for the EnableViewStateMac property when processing the '__VIEWSTATE' parameter.
Microsoft .NET version prior to 1.1
- Fraudulent Digital Certificates Spoofing Vulnerability (2607712)
- Microsoft ASP.NET Cross-Site Scripting vulnerability
- Microsoft Windows Server 2003 win32k.sys DoS Vulnerability
- MS Windows Fraudulent Digital Certificates Spoofing Vulnerability (2641690)
- Opera web browser news url denial of service vulnerability