var-201109-0017
Vulnerability from variot
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-3389. Reason: This candidate is a duplicate of CVE-2011-3389. Notes: All CVE users should reference CVE-2011-3389 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The SSL protocol uses a CBC module with an initialization vector to encrypt the data chain, combined with JavaScript code using (1) HTML5 WebSocket API, (2) Java URLConnection API, or (3) Silverlight WebClient API, a man-in-the-middle attacker can use the column in the HTTPS session Block Choice Boundary (BCBA) attack to obtain clear text HTTP header connectors, also known as \"BEAST\" attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0017",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.49"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.57"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.50"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.51"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.56"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.48"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.55"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.54"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.62"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "6.0.472.52"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
}
]
},
"cve": "CVE-2004-2770",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [],
"severity": [
{
"author": "CNNVD",
"id": "CNNVD-201109-516",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-3389. Reason: This candidate is a duplicate of CVE-2011-3389. Notes: All CVE users should reference CVE-2011-3389 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The SSL protocol uses a CBC module with an initialization vector to encrypt the data chain, combined with JavaScript code using (1) HTML5 WebSocket API, (2) Java URLConnection API, or (3) Silverlight WebClient API, a man-in-the-middle attacker can use the column in the HTTPS session Block Choice Boundary (BCBA) attack to obtain clear text HTTP header connectors, also known as \\\"BEAST\\\" attack",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2770"
},
{
"db": "VULHUB",
"id": "VHN-11198"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-2770",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201109-516",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-11198",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11198"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
},
{
"db": "NVD",
"id": "CVE-2004-2770"
}
]
},
"id": "VAR-201109-0017",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11198"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:58:29.331000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.insecure.cl/beast-ssl.rar"
},
{
"trust": 0.6,
"url": "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html"
},
{
"trust": 0.6,
"url": "http://isc.sans.edu/diary/ssl+tls+part+3+/11635"
},
{
"trust": 0.6,
"url": "http://eprint.iacr.org/2004/111"
},
{
"trust": 0.6,
"url": "http://ekoparty.org/2011/juliano-rizzo.php"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11198"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
},
{
"db": "NVD",
"id": "CVE-2004-2770"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-11198"
},
{
"date": "2011-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-516"
},
{
"date": "2011-09-25T10:55:04.737000",
"db": "NVD",
"id": "CVE-2004-2770"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-11198"
},
{
"date": "2011-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-516"
},
{
"date": "2023-11-07T01:57:07.220000",
"db": "NVD",
"id": "CVE-2004-2770"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SSL protocol CBC Module \"BEAST\" attack",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-516"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…