IDCVSSSummaryLast (major) updatePublished
CVE-2012-5824 5.8
Trillian does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid
31-01-2013 - 23:53 04-11-2012 - 17:55
CVE-2009-4831 5.8
Cerulean Studios Trillian 3.1 Basic does not check SSL certificates during MSN authentication, which allows remote attackers to obtain MSN credentials via a man-in-the-middle attack with a spoofed SSL certificate.
30-04-2010 - 00:00 29-04-2010 - 15:30
Back to Top Mark selected
Back to Top