Computer Security
[EN] securityvulns.ru no-pyccku


Firefox / Konqueror / Safari certificate spoofing
updated since 19.11.2007
Published:20.11.2007
Source:
SecurityVulns ID:8359
Type:remote
Threat Level:
5/10
Description:Link between certificate and web site is not set, if certificate from unknown certification authirity is manually approved, making it's possible to use same certificate for different site withour warning.
Affected:APPLE : Safari 2.0
 MOZILLA : Firefox 2.0
 KDE : Konqueror 3.5
 APPLE : Safari 3.0
 KDE : Konqueror 3.95
Original documentdocumentGraeme Fowler, Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (20.11.2007)
 documentNils Toedtmann, ertificate spoofing with subjectAltName and domain name wildcards (19.11.2007)
 documentNils Toedtmann, [Full-disclosure] Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (19.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod