CVE-2005-1665

Name of the Vulnerable Software and Affected Versions Microsoft ASP.NET version 1.x

Description The issue concerns the VIEWSTATE functionality in Microsoft ASP.NET. When this functionality is not cryptographically signed, it allows remote attackers to cause a denial of service by consuming CPU resources via deeply nested markup.

Recommendations For Microsoft ASP.NET version 1.x, consider implementing cryptographic signing for the VIEWSTATE functionality to prevent denial of service attacks. As a temporary workaround, consider restricting the depth of nested markup to minimize the risk of CPU consumption.