Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60395
HistorySep 20, 2012 - 12:00 a.m.

Microsoft Windows Phone 7 SSL证书'Common Name'验证安全限制绕过漏洞

2012-09-2000:00:00
Root
www.seebug.org
14

0.07 Low

EPSS

Percentile

94.0%

JSON

BUGTRAQ ID: 55569
CVE ID: CVE-2012-2993

Windows Phone 7是微软公司发布的一款手机操作系统,于2010年10月11日发布,它将微软旗下产品整合至手机中,并使用Metro作为设计语言。

Microsoft Windows Phone 7没有正确验证服务器的SSL证书,可允许攻击者执行中间人攻击或模拟受信任服务器。
0
Microsoft Windows Phone 7
厂商补丁:

Microsoft

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

http://www.microsoft.com/technet/security/

Related

cve 1
nvd 1
cert 1
cvelist 1
prion 1
cve
cve
CVE-2012-2993
2012-09-18 03:48:28
nvd
nvd
CVE-2012-2993
2012-09-18 03:48:28
cert
cert
Windows Phone 7 does not check certificate Common Names when sending or receiving emails over SSL.
2012-09-17 00:00:00
cvelist
cvelist
CVE-2012-2993
2012-09-18 01:00:00
prion
prion
Code injection
2012-09-18 03:48:00

0.07 Low

EPSS

Percentile

94.0%

JSON
Related for SSV:60395
cve1nvd1cert1cvelist1prion1