Scope: Confidentiality / Impact: Read Application Data
対策・緩和策
Handle exceptions appropriately in source code. ASP .NET applications should be configured to use custom error pages instead of the framework default page.
Do not attempt to process an error or attempt to mask it.
Verify return values are correct and do not supply sensitive information about the system.