CVE-2016-5672 in CrosswalkИнформация

Сводка

по MITRE

Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it easier for man-in-the-middle attackers to spoof SSL servers and obtain sensitive information via a crafted certificate.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Резервировать

16.06.2016

Раскрытие

31.07.2016

Модерация

принято

Вход

VDB-90401

EPSS

0.01736

KEV

Нет

Деятельности

Очень низкий

Источники

Interested in the pricing of exploits?

See the underground prices here!