Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer 安全漏洞
Vulnerability Description
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。 Internet Explorer是一款流行的WEB浏览程序,SSL是加密通信协议。Internet Explorer的SSL实现存在问题,远程攻击者可以利用这个漏洞进行中间人攻击。在通常情况下,WEB站点的管理员通过SSL进行通信加密,要实现加密通信,管理员需要生成证书并由CA证书授权中心签发,该WEB站点的URL会保存在证书的识别名小节中的CN(公用名)字
CVSS Information
N/A
Vulnerability Type
N/A