Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3367


Vulnerability Score 5.0 5.0
CVE Id CVE-2011-3367
Last Modified 30 Nov 2011 10:51:03
Published 29 Nov 2011 12:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

Vulnerable Systems


  • Arora-browser Arora 0.11.0


BUGTRAQ - 20111007 Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM

Last Updated: 27 May 2016 10:57:42