CVE-2011-3366

Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
adjamrekonq
𝑥
≤ 0.7.0
adjamrekonq
0.0.1
adjamrekonq
0.0.2
adjamrekonq
0.0.3
adjamrekonq
0.0.4
adjamrekonq
0.1:alpha
adjamrekonq
0.1.0
adjamrekonq
0.1.95
adjamrekonq
0.1.98
adjamrekonq
0.2.0
adjamrekonq
0.2.90
adjamrekonq
0.3.0
adjamrekonq
0.3.90
adjamrekonq
0.4.0
adjamrekonq
0.4.90
adjamrekonq
0.4.95
adjamrekonq
0.5.0
adjamrekonq
0.5.80
adjamrekonq
0.6.0
adjamrekonq
0.6.1
adjamrekonq
0.6.80
adjamrekonq
0.6.85
adjamrekonq
0.6.95
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rekonq
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
hardy
dne
Common Weakness Enumeration
References
http://www.kde.org/info/security/advisory-20111003-1.txt
http://www.securityfocus.com/archive/1/520041
https://bugzilla.redhat.com/show_bug.cgi?id=743194
http://www.kde.org/info/security/advisory-20111003-1.txt
http://www.securityfocus.com/archive/1/520041
https://bugzilla.redhat.com/show_bug.cgi?id=743194