Lucene search

K

[email protected]NVD:CVE-2014-2783

HistoryJul 08, 2014 - 10:55 p.m.

CVE-2014-2783

2014-07-0822:55:06

CWE-264

[email protected]

web.nvd.nist.gov

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.4 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority, aka “Extended Validation (EV) Certificate Security Feature Bypass Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch7

OR

microsoftinternet_explorerMatch8

OR

microsoftinternet_explorerMatch9

OR

microsoftinternet_explorerMatch10

OR

microsoftinternet_explorerMatch11-

References

secunia.com/advisories/59775

www.securityfocus.com/bid/68391

www.securitytracker.com/id/1030532

docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.4 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

Related for NVD:CVE-2014-2783

cve1 cvelist1 prion1 nessus1 openvas1 mskb1 securityvulns1 kaspersky1