Lucene search
K

2076 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2012/11/14 5:8 p.m.9 views

opera to 12.10 (important)

This Opera 12.10 security update fixes following security issues: -an issue that could cause Opera not to correctly check for certificate revocation; -an issue where CORS requests could incorrectly retrieve contents of cross origin pages; -an issue where data URIs could be used to facilitate...

0.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/11/12 12:0 a.m.13 views

Opera < 12.10 Multiple Vulnerabilities

Binary data 800822.prm...

7.3AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/11/12 12:0 a.m.11 views

Opera < 12.10 Multiple Vulnerabilities

Binary data 6618.prm...

9.3CVSS7.3AI score0.03778EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2012/11/06 12:0 a.m.24 views

Opera < 12.10 Multiple Vulnerabilities

The version of Opera installed on the remote host is earlier than 12.10 and is, therefore, reportedly affected by the following vulnerabilities : - An error exists related to certificate revocation checking that can allow the application to indicate that a site is secure even though the check has...

9.3CVSS6AI score0.03778EPSS
Exploits0References15
Opera Security Advisories
Opera Security Advisories
added 2012/11/02 12:0 a.m.494 views

Certificate revocation service failure may cause Opera to show an unverified site as secure

When accessing secure websites, Opera checks with a number of services to check if the website's security certificate has been revoked. Normally, if Opera cannot check revocation status, it will not present the site as secure. In some cases, a failure in one of these services can cause Opera not ...

1.9AI score
Exploits0Affected Software1
Opera Security Advisories
Opera Security Advisories
added 2012/11/02 12:0 a.m.8 views

Certificate revocation service failure may cause Opera to show an unverified site as secure – Opera Security Advisories

When accessing secure websites, Opera checks with a number of services to check if the website’s security certificate has been revoked. Normally, if Opera cannot check revocation status, it will not present the site as secure. In some cases, a failure in one of these services can cause Opera not ...

5.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/10/09 7:51 p.m.6 views

Microsoft Patches Critical Word Flaw; Certificate Key Length Changes are Official

Microsoft rolled out seven security updates today, including a fix for a critical remotely exploitable Word vulnerability. In all, 20 vulnerabilities were repaired by Microsoft, which also issued an advisory regarding poorly generated digital certificates that have to be replaced and the...

0.2AI score
Exploits0References11
CISA
CISA
added 2012/09/28 12:0 a.m.16 views

Adobe Releases Security Bulletin About Code Signing Certificate

Adobe has released a security bulletin to address an issue with a current Adobe code signing certificate. The certificate to be revoked has been used to sign malicious code. The certificate will be revoked on October 4, 2012 for all software code signed after July 10, 2012. Adobe is issuing a new...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/09/27 9:6 p.m.18 views

Valid Adobe Certificate Used to Sign Malicious Utilities Common in Targeted Attacks

Adobe announced today it was the victim of an APT-style attack after two malicious utilities commonly used in targeted attacks for privilege escalation and pivoting within a network were discovered signed by a valid Adobe digital certificate. Adobe said it will revoke the certificate next week...

0.6AI score
Exploits0References2
OSV
OSV
added 2012/09/18 5:55 p.m.5 views

CVE-2012-4413

OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...

6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2012/09/06 7:41 p.m.10 views

Two Microsoft Security Updates Await In Advance of Certificate Key Length Changes

Microsoft is promising a light load of security updates for next Tuesday’s monthly patch release in an attempt to give Windows administrators and security teams time to prepare for an October change to certificate key length requirements. Angela Gunn of Microsoft’s Security Response Team announce...

7.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2012/09/06 12:0 a.m.42 views

Ubuntu: Security Advisory (USN-1505-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.93688EPSS
Exploits9References5
ATTACKERKB
ATTACKERKB
added 2012/08/26 3:17 a.m.3 views

CVE-2011-5123

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors...

10CVSS5.5AI score0.01221EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2012/08/26 3:17 a.m.1 views

CVE-2011-5121

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check whether unspecified X.509 certificates are revoked, which has unknown impact and remote attack vectors...

10CVSS5.5AI score0.01221EPSS
Exploits0References2
Cvelist
Cvelist
added 2012/08/26 1:0 a.m.27 views

CVE-2011-5123

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors...

6.8AI score0.01221EPSS
Exploits0References1
CVE
CVE
added 2012/08/26 1:0 a.m.44 views

CVE-2011-5121

CVE-2011-5121 affects Comodo Internet Security’s Antivirus component prior to 5.3.175888.1227, where unspecified X.509 certificates are not revoked correctly. Impact is described as unknown with remote attack vectors; no explicit exploit details or fixes are provided in the supplied documents. Ex...

10CVSS6.9AI score0.01221EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2012/08/26 1:0 a.m.25 views

CVE-2011-5121

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check whether unspecified X.509 certificates are revoked, which has unknown impact and remote attack vectors...

6.7AI score0.01221EPSS
Exploits0References1
NVD
NVD
added 2012/08/13 8:55 p.m.17 views

CVE-2012-3367

Red Hat Certificate System RHCS before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority CA certificate...

5.5CVSS6.6AI score0.01163EPSS
Exploits1References8
Prion
Prion
added 2012/08/13 8:55 p.m.19 views

Authentication flaw

Red Hat Certificate System RHCS before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority CA certificate...

5.5CVSS7.2AI score0.01163EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2012/08/13 8:0 p.m.60 views

CVE-2012-3367

CVE-2012-3367 affects Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System. Root cause: the web interface failed to properly validate certificate revocation requests, allowing an agent with permissions to revoke end-entity certificates to revoke the CA certificate. Impact:...

5.5CVSS6.8AI score0.01163EPSS
Exploits1References8Affected Software2
Rows per page
Query Builder