3 matches found
dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw...
CVE-2020-1786
HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175C00E69R3P8 have an improper authentication vulnerability. The software does not sufficiently validate the name of apk file in a special condition which could allow an attacker to forge a crafted application as a normal one. Successful...
Mozilla Firefox and Firefox ESR Forgery Vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Firefox ESR is an extended support version of Firefox. A forgery vulnerability exists in versions of Mozilla Firefox prior to 54 and Firefox ESR prior to 52.2. An attacker can exploit this vulnerability ...