CVE-2011-3366

EUVD-2011-3330
Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
adjamrekonq
𝑥
≤ 0.7.0
adjamrekonq
0.0.1
adjamrekonq
0.0.2
adjamrekonq
0.0.3
adjamrekonq
0.0.4
adjamrekonq
0.1:alpha
adjamrekonq
0.1.0
adjamrekonq
0.1.95
adjamrekonq
0.1.98
adjamrekonq
0.2.0
adjamrekonq
0.2.90
adjamrekonq
0.3.0
adjamrekonq
0.3.90
adjamrekonq
0.4.0
adjamrekonq
0.4.90
adjamrekonq
0.4.95
adjamrekonq
0.5.0
adjamrekonq
0.5.80
adjamrekonq
0.6.0
adjamrekonq
0.6.1
adjamrekonq
0.6.80
adjamrekonq
0.6.85
adjamrekonq
0.6.95
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rekonq
hardy
dne
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
Common Weakness Enumeration
References
http://www.kde.org/info/security/advisory-20111003-1.txt
http://www.securityfocus.com/archive/1/520041
https://bugzilla.redhat.com/show_bug.cgi?id=743194
http://www.kde.org/info/security/advisory-20111003-1.txt
http://www.securityfocus.com/archive/1/520041
https://bugzilla.redhat.com/show_bug.cgi?id=743194