PT-2005-2641 · Microsoft · Asp.Net

Michal Zalewski · Published 2005-05-18 · Updated 2017-07-11 · CVE-2005-1664

CVSS v2.0

6.4 Medium

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Microsoft ASP.NET version 1.x

Description

The issue concerns the VIEWSTATE functionality, which allows remote attackers to conduct replay attacks. This can be used to apply a ViewState generated from one view to a different view, reuse ViewState information after the application's state has changed, or use the ViewState to conduct attacks or expose content to third parties.

Recommendations

For Microsoft ASP.NET version 1.x, consider implementing proper validation and restrictions on ViewState usage to prevent replay attacks, such as using page-specific ViewState or implementing a mechanism to track and validate ViewState generation and usage.
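
A conceptual model of the recommendation above, added here as an example and not taken from ASP.NET or from this advisory: a state blob whose MAC covers the page, the user and the record version it was rendered from, so each replay case in the description is rejected. The key, the field layout, the 900-second lifetime and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

SERVER_KEY = b"constructed-demo-key"  # assumption: per-application secret
MAX_AGE = 900                          # assumption: seconds a blob stays valid


def _mac(state, page, user_key, issued, version):
    # Length-prefix every field so adjacent values cannot be shifted
    # between fields without changing the MAC input.
    fields = (page.encode(), user_key.encode(),
              struct.pack(">QQ", issued, version), state)
    msg = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()


def seal(state, page, user_key, version, now):
    """Blob layout: issued (8) | version (8) | HMAC-SHA256 (32) | state."""
    tag = _mac(state, page, user_key, now, version)
    return struct.pack(">QQ", now, version) + tag + state


def verify(blob, page, user_key, version, now):
    """Return the state bytes or raise ValueError naming the failed check."""
    if len(blob) < 48:
        raise ValueError("truncated")
    issued, sealed_version = struct.unpack(">QQ", blob[:16])
    tag, state = blob[16:48], blob[48:]
    # The page and user come from the current request, never from the blob.
    expected = _mac(state, page, user_key, issued, sealed_version)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad MAC or wrong page/user")
    if sealed_version != version:
        raise ValueError("stale: application state changed")
    if not 0 <= now - issued <= MAX_AGE:
        raise ValueError("expired")
    return state


def outcome(blob, page, user_key, version, now):
    try:
        verify(blob, page, user_key, version, now)
        return "accepted"
    except ValueError as exc:
        return str(exc)
```

In ASP.NET itself the per-user part of this binding corresponds to setting Page.ViewStateUserKey; the page and version checks shown here are what an application would have to add on its own.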

Fix

Related Identifiers

CVE-2005-1664

Affected Products

Asp.Net