Unrated severityNVD Advisory· Published Aug 10, 2011· Updated Apr 29, 2026

CVE-2011-1977

Description

The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information Disclosure Vulnerability."

Affected products

Microsoft/Chart Control For Microsoft .net Framework
cpe:2.3:a:microsoft:chart_control_for_microsoft_.net_framework:3.5:sp1:*:*:*:*:*:*
Microsoft/.net Framework
cpe:2.3:a:microsoft:.net_framework:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.us-cert.gov/cas/techalerts/TA11-221A.htmlnvdUS Government Resource
docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-066nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12970nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.017
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000