Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer安全漏洞
Vulnerability Description
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。 Microsoft Internet Explorer是一款流行的WEB浏览器,可以通过SSL加密通信。Microsoft Internet Explorer中SSL使用的PKI实现存在问题,远程攻击者可以利用这个漏洞提供伪造证书而不被用户发现。在SSL/TLS握手过程中,Web服务程序会随意地发送完整证书链(Certificate chain)给客户端,这个
CVSS Information
N/A
Vulnerability Type
N/A