CVE-2013-6659 in Google Chromeinformation

Résumé (Anglaise)

The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user s expectations, by initiating a TLS renegotiation.

Réserver

05/11/2013

Divulgation

23/02/2014

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
12383	Google Chrome TLS Handshake chiffrement faible	310	Non prouvée	Correctif officiel	CVE-2013-6659

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Do you know our Splunk app?

Download it now for free!