CVE-2011-3389: CVE-2011-3389

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-3389

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Opera 输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Opera是挪威欧朋（Opera Software）公司所开发的一款Web浏览器，它支持多窗口浏览、可定制用户界面等。 Opera 11.51之前版本中存在未明安全漏洞，该漏洞具有未知攻击向量和“low severity”影响。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2011-3389

#	POC Description	Source Link	Shenlong Link
1	:muscle: Proof Of Concept of the BEAST attack against SSL/TLS CVE-2011-3389 :muscle:	https://github.com/mpgn/BEAST-PoC	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2011-3389

Please Login to view more intelligence information

http://www.ibm.com/developerworks/java/jdk/alerts/x_refsource_CONFIRM
http://www.opera.com/support/kb/view/1004/x_refsource_CONFIRM
http://support.apple.com/kb/HT5501x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/unix/1160/x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/unix/1151/x_refsource_CONFIRM
http://technet.microsoft.com/security/advisory/2588513x_refsource_CONFIRM
http://curl.haxx.se/docs/adv_20120124B.htmlx_refsource_CONFIRM
http://ekoparty.org/2011/juliano-rizzo.phpx_refsource_MISC
http://support.apple.com/kb/HT5130x_refsource_CONFIRM
http://support.apple.com/kb/HT6150x_refsource_CONFIRM
http://eprint.iacr.org/2006/136x_refsource_MISC
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdfx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=737506x_refsource_CONFIRM
http://downloads.asterisk.org/pub/security/AST-2016-001.htmlx_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlx_refsource_CONFIRM
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspxx_refsource_CONFIRM
http://support.apple.com/kb/HT5281x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/windows/1151/x_refsource_CONFIRM
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmailx_refsource_CONFIRM
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspxx_refsource_CONFIRM
http://vnhacker.blogspot.com/2011/09/beast.htmlx_refsource_MISC
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.htmlx_refsource_CONFIRM
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635x_refsource_MISC
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdfx_refsource_CONFIRM
https://bugzilla.novell.com/show_bug.cgi?id=719047x_refsource_CONFIRM
http://www.insecure.cl/Beast-SSL.rarx_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02x_refsource_MISC
http://www.imperialviolet.org/2011/09/23/chromeandbeast.htmlx_refsource_CONFIRM
http://www.opera.com/docs/changelogs/mac/1151/x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/mac/1160/x_refsource_CONFIRM
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issuex_refsource_CONFIRM
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.htmlx_refsource_MISC
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlx_refsource_CONFIRM
http://support.apple.com/kb/HT5001x_refsource_CONFIRM
http://eprint.iacr.org/2004/111x_refsource_MISC
http://support.apple.com/kb/HT4999x_refsource_CONFIRM
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.htmlx_refsource_CONFIRM
http://secunia.com/advisories/48256third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/55322third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/47998third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/49388vdb-entryx_refsource_BID
http://secunia.com/advisories/55350third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/49198third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/55351third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48692third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/74829vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/48948third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/45791third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/49778vdb-entryx_refsource_BID
http://secunia.com/advisories/48915third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id/1029190vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1026704vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1026103vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1025997vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2012/dsa-2398vendor-advisoryx_refsource_DEBIAN
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006vendor-advisoryx_refsource_MS
http://www.us-cert.gov/cas/techalerts/TA12-010A.htmlthird-party-advisoryx_refsource_CERT
http://www.kb.cert.org/vuls/id/864643third-party-advisoryx_refsource_CERT-VN
http://www.ubuntu.com/usn/USN-1263-1vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=132872385320240&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=134254957702612&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=133365109612558&w=2vendor-advisoryx_refsource_HP
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=133728004526190&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=134254866602253&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=132750579901589&w=2vendor-advisoryx_refsource_HP
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058vendor-advisoryx_refsource_MANDRIVA
http://security.gentoo.org/glsa/glsa-201406-32.xmlvendor-advisoryx_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2011-1384.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1455.htmlvendor-advisoryx_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-201203-02.xmlvendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2012-0508.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2012-0006.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.htmlvendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.htmlvendor-advisoryx_refsource_APPLE
https://hermes.opensuse.org/messages/13155432vendor-advisoryx_refsource_SUSE
https://hermes.opensuse.org/messages/13154861vendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlvendor-advisoryx_refsource_APPLE
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752vdb-entrysignaturex_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2011-3389

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2011-3389

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2011-3389

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2011-3389

III. Intelligence Information for CVE-2011-3389

IV. Related Vulnerabilities

V. Comments for CVE-2011-3389

Leave a comment