Lucene search
HistoryNov 29, 2011 - 5:55 p.m.
CVE-2011-3367
arora
cve-2011-3367
security dialog
certificate
remote attackers
9.1 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.3%
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
| CPE | Name | Operator | Version |
|---|---|---|---|
| arora-browser:arora | arora-browser arora | eq | 0.11.0 |
References
Related
openvas
openvas
Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
2011-12-15 00:00:00
Fedora Update for arora FEDORA-2011-14756
2011-12-16 00:00:00
Fedora Update for arora FEDORA-2011-14756
2011-12-16 00:00:00
nessus
nessus
Fedora 16 : arora-0.11.0-3.fc16 (2011-14719)
2011-12-13 00:00:00
Fedora 15 : arora-0.11.0-3.fc15 (2011-14756)
2011-12-15 00:00:00
GLSA-201412-09 : Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-15 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: arora-0.11.0-3.fc16
2011-12-12 21:58:37
[SECURITY] Fedora 15 Update: arora-0.11.0-3.fc15
2011-12-14 23:35:18
prion
prion
Design/Logic Flaw
2011-11-29 17:55:00
ubuntucve
ubuntucve
CVE-2011-3367
2011-11-29 00:00:00
securityvulns
securityvulns
UI spoofing in different QT applications
2011-10-10 00:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00
9.1 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
57.3%
Related for CVE-2011-3367