NVD

Id
15235  
Name
CVE-2010-3900  
Description
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-18  
Published
2010-10-14  
Modified Date
2011-02-17  
Seq
2010-3900  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
85857 15235 CVE-2010-3900 http://git.xfce.org/apps/midori/tree/ChangeLog  View
85858 15235 CVE-2010-3900 SUSE-SR:2011:002  View
85859 15235 CVE-2010-3900 http://www.omgubuntu.co.uk/2010/05/midori-0-2-5-released/  View
85860 15235 CVE-2010-3900 [oss-security] 20100917 Re: CVE request: epiphany not checking ssl certs  View
85861 15235 CVE-2010-3900 http://www.twotoasts.de/bugs/index.php?do=details&task_id=168  View
85862 15235 CVE-2010-3900 http://www.twotoasts.de/bugs/index.php?do=details&task_id=743  View
85863 15235 CVE-2010-3900 http://www.twotoasts.de/index.php?/archives/30-Validation,-vending-and-Vala.html  View
85864 15235 CVE-2010-3900 ADV-2011-0212  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37481 JVNDB-2010-003266 Midori における任意の HTTPS Web サイトになりすまされる脆弱性 Midori は、WebKitGTK+ または LibSoup が使用される際、X.509 証明書を確認しないため、任意の HTTPS Web サイトになりすまされる脆弱性が存在します。 CVE-2010-3900 46480 CVE-2010-3900 15235 5.8 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003266.html 2010-10-14 2012-03-27 View