3 matches found
CVE-2011-5241
ServicesTwitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
CVE-2011-5241
ServicesTwitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
CVE-2011-5241
Summary of CVE-2011-5241 : The vulnerability affects Services_Twitter 0.6.3, where the client does not verify that the server hostname matches a domain name in the certificate’s CN or subjectAltName. This enables man-in-the-middle attackers to spoof SSL servers using arbitrary valid certificates....