Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 5:46 a.m.3 views

SUSE CVE-2012-2808

The PRNG implementation in the DNS resolver in Bionic in Android before 4.1.1 incorrectly uses time and PID information during the generation of random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a...

5CVSS8.8AI score0.00269EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2015/04/01 10:59 a.m.28 views

CVE-2015-0800

The PRNG implementation in the DNS resolver in Mozilla Firefox aka Fennec before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to...

5CVSS7.3AI score0.00455EPSS
Exploits0References1
Prion
Prionadded 2015/04/01 10:59 a.m.36 views

Design/Logic Flaw

The PRNG implementation in the DNS resolver in Mozilla Firefox aka Fennec before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to...

5CVSS6.8AI score0.00455EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2015/04/01 10:0 a.m.74 views

CVE-2012-2808

CVE-2012-2808 affects Android's Bionic DNS resolver, where the PRNG used to generate DNS query IDs and UDP source ports relies on time and PID. This weakens randomness, facilitating remote spoofing of DNS responses. The connected CVE-2015-0800 describes a related Android Firefox DNS-spoofing issu...

5CVSS8.9AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2015/04/01 10:0 a.m.24 views

CVE-2015-0800

The PRNG implementation in the DNS resolver in Mozilla Firefox aka Fennec before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to...

6.3AI score0.00455EPSS
Exploits0References4
CVE
CVEadded 2015/04/01 10:0 a.m.107 views

CVE-2015-0800

The CVE-2015-0800 entry concerns Mozilla Firefox on Android (pre-37.0) where the DNS resolver’s PRNG for query IDs and UDP source ports may not generate random values properly. This weakens the ability to distinguish genuine DNS responses from spoofed ones, enabling remote attackers to spoof DNS ...

5CVSS8.9AI score0.00455EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker Newsadded 2012/07/24 11:19 p.m.42 views

CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from IBM Application Security Research Group demonstrate that how an attacker can successfully guess the nonce of the DNS request with a probability thatis su...

5CVSS6.6AI score0.00269EPSS
Exploits0
Rows per page
Query Builder