|
|
Subscribe / Log in / New account

arora: certificate spoof

Package(s):arora CVE #(s):CVE-2011-3367
Created:December 13, 2011 Updated:August 20, 2012
Description: From the CVE entry:

Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

Alerts:
Gentoo 201412-09 racer-bin, fmod, PEAR-Mail, lvm2, gnucash, xine-lib, lastfmplayer, webkit-gtk, shadow, PEAR-PEAR, unixODBC, resource-agents, mrouted, rsync, xmlsec, xrdb, vino, oprofile, syslog-ng, sflowtool, gdm, libsoup, ca-certificates, gitolite, qt-creator 2014-12-11
Mageia MGASA-2012-0220 arora 2012-08-18
Fedora FEDORA-2011-14756 arora 2011-10-22
Fedora FEDORA-2011-14719 arora 2011-10-22
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds