CVE-2016-5672 in Crosswalk情報

要約

〜によって MITRE

Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it easier for man-in-the-middle attackers to spoof SSL servers and obtain sensitive information via a crafted certificate.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

予約する

2016年06月16日

モデレーション

承諾済み

エントリ

VDB-90401

EPSS

0.01736

アクティビティ

非常低い

ソース

Interested in the pricing of exploits?

See the underground prices here!