Lucene search
K

48 matches found

Prion
Prion
added 2012/09/15 6:55 p.m.23 views

Design/Logic Flaw

The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing...

2.6CVSS6.7AI score0.02079EPSS
Exploits1References9
Cvelist
Cvelist
added 2012/09/15 6:0 p.m.30 views

CVE-2012-4930

The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing...

9.2AI score0.02079EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2012/09/15 6:0 p.m.63 views

CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...

2.6CVSS5.9AI score0.04266EPSS
Exploits2
Debian CVE
Debian CVE
added 2012/09/15 6:0 p.m.45 views

CVE-2012-4930

Removed by vendor...

2.6CVSS7.2AI score0.02079EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2012/09/15 12:0 a.m.53 views

CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...

2.6CVSS6.8AI score0.04266EPSS
Exploits2References20
The Hacker News
The Hacker News
added 2012/09/08 2:21 p.m.4 views

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions

Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS Hypertext Transfer Protocol Secure connections. From the security researchers who created and demonstrated the BEAST Browser Exploit Against SSL/TLS tool for breaking SSL/TLS encryption comes...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2012/09/05 5:27 p.m.7 views

New Attack Uses SSL/TLS Information Leak to Hijack HTTPS Sessions

There is a feature supported by the SSL/TLS encryption standard and used by most of the major browsers that leaks enough information about encrypted sessions to enable attackers decrypt users’ supposedly protected cookies and hijack their sessions. The researchers who developed the attack that...

6.3AI score
Exploits0References3
The Hacker News
The Hacker News
added 2011/03/05 4:47 a.m.9 views

Cyber Attacks Hit Nearly 40 South Korean websites !

According to a new report, 40 South Korean websites came under a cyber crime attack by a computer virus, including the presidential Blue House, South Korea's biggest bank , a major online auction house, the Foreign Ministry, the two largest search engines in the country and Korean military websit...

7AI score
Exploits0
Rows per page
Query Builder