FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-3061

This CVE name corresponds to:

Entered Topic
2012-03-28 chromium -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-3061 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-3061
Phase Assigned(20110809)

Description

Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.

References

Source Reference
CONFIRM http://code.google.com/p/chromium/issues/detail?id=116398
CONFIRM http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
BID 52762
OSVDB 80739
OVAL oval:org.mitre.oval:def:14849
SECTRACK 1026877
SECUNIA 48618
SECUNIA 48691
SECUNIA 48763
XF chrome-spdy-sec-bypass(74411)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.