Midori prior to 0.2.5, when WebKitGTK+ prior to 1.1.14 or LibSoup prior to 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle malicious users to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
christian dywan midori 0.2.3 |
||
christian dywan midori 0.2.2 |
||
christian dywan midori 0.1.10 |
||
christian dywan midori 0.2.0 |
||
christian dywan midori |
||
christian dywan midori 0.2.1 |