EUVD-2018-9359

Malware in sbrugna...

Inadvertently Disclosed Digital Certificates Could Allow Spoofing

Microsoft is publishing this advisory to notify customers of two inadvertently disclosed digital certificates that could be used to spoof content and to provide an update to the Certificate Trust List CTL to remove user-mode trust for the certificates. The disclosed root certificates were...

KLA11376 Spoofing vulnerability in Microsoft Windows

A vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to spoof user interface. Technical details The certificates were inadvertently disclosed by the Sennheiser HeadSetup and HeadSetup Pro software. Original advisories ADV180029 Related products...

Code injection

Sennheiser HeadSetup 7.3.4903 places Certification Authority CA certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or softwa...

CVE-2018-17612

Sennheiser HeadSetup 7.3.4903 places Certification Authority CA certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or softwa...

CVE-2018-17612

Sennheiser HeadSetup 7.3.4903 places Certification Authority CA certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or softwa...