10 matches found
Microsoft Windows CryptoAPI Spoofing Vulnerability
Microsoft Windows CryptoAPI Crypt32.dll contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was fro...
Microsoft Edge (Chromium) < 79.0.309.68 Multiple Vulnerabilities
The version of Microsoft Edge Chromium installed on the remote Windows host is prior to 79.0.309.68. It is, therefore, affected by multiple vulnerabilities: - A spoofing vulnerability exists in the Windows CryptAPI due to how it validates Elliptic Curve Cryptography ECC certificates. An...
Microsoft Windows CryptoAPI Spoofing (CVE-2020-0601)
A spoofing vulnerability exists in the way Windows CryptoAPI validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear as if the file was from a trusted source...
CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...
CVE-2020-0601
The CVE-2020-0601 issue affects Windows CryptoAPI (Crypt32.dll) and its ECC certificate validation, enabling a spoofing attack where a forged code-signing certificate could make malware appear trusted. Affected platforms include Windows 10 and Windows Server 2016/2019, with the vulnerability tied...
Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA
After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a...
Windows CryptoAPI Spoofing Vulnerability
A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...
CVE-2020-0601, aka NSACrypt
A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...
KLA11639 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface, cause denial of service. Below is a complete list of...
CentOS 7 : gnutls (CESA-2014:1846)
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...