48 matches found
Design/Logic Flaw
The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing...
CVE-2012-4930
The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing...
CVE-2012-4929
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...
CVE-2012-4930
Removed by vendor...
CVE-2012-4929
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...
CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions
Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS Hypertext Transfer Protocol Secure connections. From the security researchers who created and demonstrated the BEAST Browser Exploit Against SSL/TLS tool for breaking SSL/TLS encryption comes...
New Attack Uses SSL/TLS Information Leak to Hijack HTTPS Sessions
There is a feature supported by the SSL/TLS encryption standard and used by most of the major browsers that leaks enough information about encrypted sessions to enable attackers decrypt users’ supposedly protected cookies and hijack their sessions. The researchers who developed the attack that...
Cyber Attacks Hit Nearly 40 South Korean websites !
According to a new report, 40 South Korean websites came under a cyber crime attack by a computer virus, including the presidential Blue House, South Korea's biggest bank , a major online auction house, the Foreign Ministry, the two largest search engines in the country and Korean military websit...