CVE-2006-4499

2006-08-31T18:04:00
ID CVE-2006-4499
Type cve
Reporter NVD
Modified 2008-09-05T17:09:51

Description

ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack.