Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Blackberry Browser in RIM BlackBerry Device Software 4.5.0 before 4.5.0.173, 4.6.0 before 4.6.0.303, 4.6.1 before 4.6.1.309, 4.7.0 before 4.7.0.179, and 4.7.1 before 4.7.1.57 does not properly handle "hidden" characters including a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RIM BlackBerry Device Software Browser Dialog Box证书错配错误漏洞
Vulnerability Description
RIM BlackBerry Device Software 4.5.0.173版本之前的4.5.0版本, 4.6.0.303版本之前的4.6.0版本, 4.6.1.309版本之前的4.6.1版本, 4.7.0.179版本之前的4.7.0版本,以及4.7.1.57版本之前的4.7.1版本的黑莓浏览器没有适当地处理X.509证书的主题共享名(CN)中的域名包括一个'\0'字符的"hidden"字符,这会允许中间人攻击者通过一个特制的由合法证书认证机构颁发的证书来骗取任意SSL。
CVSS Information
N/A
Vulnerability Type
N/A