PT-2011-4160 · Google · Google Chrome

Publicado

2011-09-16

·

Atualizado

2020-05-08

·

CVE-2011-2874

CVSS v2.0

6.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 14.0.835.163
Description The issue concerns a missing pin operation for a self-signed certificate during a session, which has unspecified impact and can be exploited remotely.
Recommendations For versions prior to 14.0.835.163, update to version 14.0.835.163 or later to resolve the issue.

Exploit

Correção

Improper Certificate Validation

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-295

Identificadores relacionados

CVE-2011-2874

Produtos afetados

Google Chrome