Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Opera before 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Opera Web浏览器 认证绕过漏洞
Vulnerability Description
Opera是挪威欧朋(Opera Software)公司所开发的一款Web浏览器,它支持多窗口浏览、可定制用户界面等。 Opera的10之前版本中存在认证绕过漏洞,可能允许恶意用户执行各种欺骗攻击。 在Opera的10之前版本中,X.509证书没有正确的处理subject's Common Name (CN) 字段中的域名中的一个'\0' 字符或者无效通配符,这使得中间人攻击者可以借助一个特制的由合法的鉴定权威颁布的证书,欺骗任意的SSL服务商。
CVSS Information
N/A
Vulnerability Type
N/A