Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3367

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-3367
Last Modified 30 Nov 2011 10:51:03
Published 29 Nov 2011 12:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3367

Summary

Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

Vulnerable Systems

Application

  • Arora-browser Arora 0.11.0


References

BUGTRAQ - 20111007 Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM


Last Updated: 27 May 2016 10:57:42