CVE-2016-7141 in Apple macOSinfo

Zusammenfassung (Englisch)

curl and libcurl before 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote attackers to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

05.09.2016

Veröffentlichung

03.10.2016

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
94366	Apple macOS curl schwache Authentisierung	287	Nicht definiert	Offizieller Fix	CVE-2016-7141
91385	cURL/libcURL TLS Certificate nss.c SelectClientCert schwache Authentisierung	287	Nicht definiert	Offizieller Fix	CVE-2016-7141

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

◂ ZurückÜbersichtWeiter ▸

Want to know what is going to be exploited?

We predict KEV entries!