Original RTM did not enforce proper ciphertext integrity for view state. Only fixed with the ASP.NET security update (MS10-070) released in September 2010—meaning unpatched RTM is vulnerable.
While marketed as an ASP.NET Core bug, this vulnerability stems from the .NET Framework’s handling of get_Item in System.Web.HttpCookie . Attackers could bypass __VIEWSTATE validation, leading to information disclosure or arbitrary file read via path traversal ( ../../../Windows/win.ini style attacks). microsoft net framework 4.0 v 30319 vulnerabilities