CVE-2012-5801 in EbayИнформация

Сводка

по MITRE

The PayPal module in PrestaShop does not verify that the server hostname matches a domain name in the subject s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Резервировать

04.11.2012

Раскрытие

04.11.2012

Модерация

принято

Вход

VDB-62848

EPSS

0.00759

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider, Telecommunication, ...

Источники

MITREhttps://www.cve.org/CVERecord?id=CVE-2012-5801
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2012-5801
CVE Detailshttps://www.cvedetails.com/cve/CVE-2012-5801/

ПредыдущийОбзорДалее

Do you know our Splunk app?

Download it now for free!