34 matches found
CVE-2026-9758
Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted...
EUVD-2012-2476
Malware in sbrugna...
EUVD-2014-0768
Malware in sbrugna...
EUVD-2014-0769
Malware in sbrugna...
EUVD-2008-1742
Malware in sbrugna...
CVE-2012-2490
Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify the Certificate Trust List via unspecified vectors, aka Bug ID CSCtz01471...
An automatic updater of untrusted certificates is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
An automatic updater of untrusted certificates is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 INTRODUCTION An automatic updater of untrusted certificates is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. This...
KLA11376 Spoofing vulnerability in Microsoft Windows
A vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Technical details The certificates were inadvertently disclosed by the Sennheiser HeadSetup and HeadSetup Pro software. Original advisories ADV180029 Related products...
KLA10706 Potentially vulnerable Dell certificate
Microsoft updates Certificate Trust list to exclude potentially vulnerable eDellCert certificate. Via this vulnerability malicious can obtain sensitive information or bypass security restrictions. Technical details For further details about problem you can visit Dell blog entry related. And also ...
Xboxlive digital certificate private key is compromised, the user or the man in the middle attacks-vulnerability warning-the black bar safety net
! Microsoft confirmedXboxlive. com domain name for the SSL/TLS digital certificate private key has been compromised, by the attacker is used to attempt to launch a MiTM attack, but the private key cannot be used to sign other certificates or code, or fake other domain names. Xboxlive certificate ...
Microsoft issues Emergency Windows Update to Block Fake SSL Certificates
Today, Microsoft has issued an emergency update for almost all versions of Windows and also for Microsoft devices running Windows Phone 8 and 8.1 to secure users from attacks that abuse the latest issued rogue SSL certificates, which could be used to impersonate Google and Yahoo! websites. A week...
Security Advisory 2982792 released, Certificate Trust List updated
Today, we are updating the Certificate Trust List CTL for all supported releases of Microsoft Windows to remove the trust of mis-issued third-party digital certificates. These certificates could be used to spoof content and perform phishing or man-in-the-middle attacks against web properties. Wit...
CVE-2014-0737
The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...
CVE-2014-0738
The Phone Proxy component in Cisco Adaptive Security Appliance ASA Software 9.1.3 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66770...
Authentication flaw
The Phone Proxy component in Cisco Adaptive Security Appliance ASA Software 9.1.3 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66770...
Authentication flaw
The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...
CVE-2014-0737
The Cisco Unified IP Phone 7960G 9.21 and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file, aka Bug ID CSCuj66795...
Cisco Adaptive Security Appliance Phone Proxy CTL Authentication Vulnerability
A vulnerability in the Phone Proxy function of the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to modify the trust of the Certificate Trust List CTL of a remote IP phone. The vulnerability is due to insufficient authentication of the CTL file. An attacker...
PT-2014-3802 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 9.1.3 and earlier Description: The issue allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List CTL file. This could enable...
Cisco IP Communicator Certificate Trust List Manipulation
The version of Cisco IP Communicator is 8.61. Such versions are potentially affected by a data modification vulnerability. By performing a Man-in-the-Middle attack, a remote, unauthenticated attacker could replace the original Certificate Trust List with a modified one. C Tenable Network Security...