Irene Abezgauz

Researcher from Seeker
#39937 of 53,635
6.8 total CVSS
Vulnerabilities · 1
PT-2011-4442
6.8
2011-12-29
Microsoft · .Net Framework · CVE-2011-3415
**Name of the Vulnerable Software and Affected Versions**

Microsoft .NET Framework versions 2.0 SP2 through 4.0

**Description**

The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL. A spoofing vulnerability exists in the way that .NET Framework verifies return URLs during the forms authentication process, enabling an attacker to redirect a user to a website of their choice without the user's knowledge. This could lead to phishing attacks to gain information from the user. The vulnerability does not allow an attacker to execute code or elevate user rights directly but could be used to further compromise private user information.

**Recommendations**

For Microsoft .NET Framework versions 2.0 SP2 through 4.0, update to a version that includes the fix for this issue to prevent potential phishing attacks. As a temporary workaround, consider restricting the use of the Forms Authentication feature until a patch is available. Avoid using crafted return URLs in the affected forms authentication process to minimize the risk of exploitation.