CVE-2009-3046

Опубликовано: 02 сент. 2009

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate.

Ссылки

http://www.opera.com/docs/changelogs/freebsd/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/linux/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/mac/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/solaris/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/windows/1000/
Broken Link
Vendor Advisory
http://www.opera.com/support/kb/view/929/
Broken Link
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6357
Broken Link
http://www.opera.com/docs/changelogs/freebsd/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/linux/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/mac/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/solaris/1000/
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/windows/1000/
Broken Link
Vendor Advisory
http://www.opera.com/support/kb/view/929/
Broken Link
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6357
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 10.00 (исключая)

EPSS

Процентиль: 35%

0.00143

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

GHSA-fm2v-2v2p-j5mr