This Information Disclosure vulnerability could allow an attacker to bypass ASP.Net security and gain unauthorized access to objects in the Application folders explicitly by name. this could be used to produce useful information that could be used to try to further compromise the affected system.
Microsoft has released a patch to correct this issue, you can download it from the following web site: http://www.microsoft.com/technet/security/bulletin/ms06-033.mspx
- Microsoft FrontPage Information Disclosure Vulnerability (2825621)
- Microsoft Windows Defender Privilege Elevation Vulnerability (2847927)
- Microsoft Host Integration Server Denial of Service Vulnerabilities (2607670)
- Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
- Microsoft JScript and VBScript Scripting Engines Information Disclosure Vulnerability (2475792)