SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle malicious users to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "TLS Server Certificate Renegotiation Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 11 |
||
microsoft internet explorer 10 |
||
microsoft internet explorer 7 |
||
microsoft internet explorer 6 |
||
microsoft internet explorer 9 |
||
microsoft internet explorer 8 |