Lucene search
+L

757 matches found

OpenVAS
OpenVAS
added 2011/12/09 12:0 a.m.47 views

Opera Multiple Vulnerabilities (Dec 2011) - Mac OS X

Opera is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.06047EPSS
Exploits0References3
NVD
NVD
added 2011/12/07 7:55 p.m.22 views

CVE-2011-4684

Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."...

10CVSS6.4AI score0.06047EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/12/07 7:0 p.m.26 views

CVE-2011-4684

Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."...

6.3AI score0.06047EPSS
Exploits0References3
CVE
CVE
added 2011/12/07 7:0 p.m.55 views

CVE-2011-4684

Opera before 11.60 does not properly handle certificate revocation, per CVE-2011-4684. Connected sources confirm affected product: Opera browser; root cause: improper certificate revocation handling; impact is described as unspecified in the initial entry. Remediation evident in the connected doc...

10CVSS6.4AI score0.06047EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/12/07 12:0 a.m.44 views

Opera < 11.60 Multiple Vulnerabilities (BEAST)

The version of Opera installed on the remote Windows host is prior to 11.60. It is, therefore, affected by multiple vulnerabilities : - An unspecified error exists that can allow URL spoofing in the address bar. CVE-2011-4010 - Top level domain separation rules are not honored for two-letter top...

10CVSS6.7AI score0.73327EPSS
Exploits4References16
FreeBSD
FreeBSD
added 2011/12/06 12:0 a.m.35 views

opera -- multiple vulnerabilities

Opera software reports: Fixed a moderately severe issue; details will be disclosed at a later date Fixed an issue that could allow pages to set cookies or communicate cross-site for some top level domains; see our advisory Improved handling of certificate revocation corner cases Added a fix for a...

7.3AI score
Exploits0References3
OpenVAS
OpenVAS
added 2011/11/09 12:0 a.m.29 views

Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability (2630837)

This host is missing a critical security update according to Microsoft Bulletin MS11-086. OpenVAS Vulnerability Test $Id: secpodms11-086.nasl 8276 2018-01-03 12:29:18Z asteins $ Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability 2630837 Authors: Madhuri D Copyright:...

9CVSS0.1AI score0.10965EPSS
Exploits1References4
securityvulns
securityvulns
added 2011/11/09 12:0 a.m.49 views

Microsoft Windows active directory authentication bypass

Certificate revocation list is not checked on LDAPs access...

9CVSS4.2AI score0.10965EPSS
Exploits1
NVD
NVD
added 2011/11/08 9:55 p.m.22 views

CVE-2011-2014

The LDAP over SSL aka LDAPS implementation in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7...

9CVSS6.2AI score0.10965EPSS
Exploits1References3
Prion
Prion
added 2011/11/08 9:55 p.m.18 views

Authentication flaw

The LDAP over SSL aka LDAPS implementation in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7...

9CVSS6.7AI score0.10965EPSS
Exploits1References3Affected Software3
Symantec
Symantec
added 2011/11/08 12:0 a.m.29 views

Microsoft Active Directory LDAPS Authentication Bypass Vulnerability

Description Microsoft Active Directory is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions by using a revoked certificate. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0...

7.2AI score
Exploits0Affected Software20
Positive Technologies
Positive Technologies
added 2011/11/08 12:0 a.m.8 views

PT-2011-3552 · Microsoft · Windows Xp +7

Name of the Vulnerable Software and Affected Versions: Active Directory versions prior to the fixed version Active Directory Application Mode ADAM versions prior to the fixed version Active Directory Lightweight Directory Service AD LDS versions prior to the fixed version Microsoft Windows XP...

9CVSS6.1AI score0.10965EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2011/10/27 6:54 p.m.15 views

EFF Data Shows Four CAs Compromised Since June

The EFF, through the use of its SSL Observatory, has taken a look at the data from certificate revocation lists for SSL certificates in recent months, and found that there were four separate CAs compromised in the last four months. The data that the EFF looked at was a summary of the reasons that...

0.4AI score
Exploits0References7
NVD
NVD
added 2011/10/14 10:55 a.m.23 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list CRL, which allows remote attackers to execute arbitrary code or cause a denial of service application crash a crafted 1 web site or 2 e-mail...

6.8CVSS8.6AI score0.01838EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/10/14 10:0 a.m.28 views

CVE-2011-3227

libsecurity in Apple Mac OS X before 10.7.2 does not properly handle errors during processing of a nonstandard extension in a Certificate Revocation list CRL, which allows remote attackers to execute arbitrary code or cause a denial of service application crash a crafted 1 web site or 2 e-mail...

8.7AI score0.01838EPSS
Exploits0References3
OSV
OSV
added 2011/09/22 10:55 a.m.4 views

DEBIAN-CVE-2011-3207

crypto/x509/x509vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past...

5CVSS7.6AI score0.05012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/09/06 12:0 a.m.27 views

OpenSSL 1.x < 1.0.0e Multiple Vulnerabilities

Binary data 801065.prm...

5CVSS7.9AI score0.05012EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2011/07/16 6:19 p.m.2 views

THE CRAZIES Hackers Leaks Server Certificates of Defense Information Systems Agency (DISA)

THE CRAZIES Hackers Leaks Server Certificates of Defense Information Systems Agency DISA THE CRAZIES Hackers steal the Several Certificate revocation lists CRLs from Server of Defense Information Systems Agency DISA - https://disa.mil/ and leak the Certificates at :...

6.9AI score
Exploits0
Prion
Prion
added 2011/07/01 10:55 a.m.14 views

Design/Logic Flaw

Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service application crash via vectors involving a Certificate Revocation List CRL file, as demonstrated by the multicert-ca-02.crl file...

5CVSS6.9AI score0.01337EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2011/06/24 12:0 a.m.4 views

PT-2011-2179 · Apple · Macos X

Name of the Vulnerable Software and Affected Versions: Mac OS X versions prior to 10.6.8 Description: The issue concerns the Certificate Trust Policy component, which fails to perform CRL checking for Extended Validation EV certificates lacking OCSP URLs. This might allow man-in-the-middle...

5.9CVSS5.7AI score0.00754EPSS
Exploits1References5
Rows per page
Query Builder