Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23939
HistoryApr 10, 2020 - 12:40 a.m.

Replay Attack

2020-04-1000:40:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
seamonkey
ntlm
replay attack
authentication
vulnerability
web page

EPSS

0.016

Percentile

87.6%

SeaMonkey is vulnerable to a Replay Attack. A flaw was found in the SeaMonkey NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially-crafted web page, they couldsend arbitrary requests, authenticated with the user’s NTLM credentials, to other applications on the user’s system.

References