5 matches found
CVE-2009-2510
Technical details for CVE-2009-2510 are not publicly provided in the connected documents. Please monitor for updates.
Microsoft Windows CryptoAPI X.509 Spoofing Vulnerabilities (974571)
This host is missing a critical security update according to Microsoft Bulletin MS09-056. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)
The remote Windows host contains a version of the Microsoft Windows CryptoAPI that is affected by multiple vulnerabilities : - A spoofing vulnerability exists in the Microsoft Windows CryptoAPI component when parsing ASN.1 information from X.509 certificates. An attacker who successfully exploite...
CVE-2009-3454
CVE-2009-2510 describes a spoofing vulnerability in the Windows CryptoAPI where the Common Name (CN) field in X.509 certificates containing a NULL terminator is misparsed, allowing MITM-style impersonation if a malicious cert is issued by a trusted CA. The issue affects multiple Windows versions ...
SSL NULL Termination Certificate Validation Security Bypass (CVE-2009-2408; CVE-2009-2510; CVE-2009-4565)
Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Firefox is a popular, open source web browser developed by Mozilla Foundation. A security bypass vulnerability has been reported in Mozilla Networ...