Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Chrome TLS 安全漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。 Google Chrome 31.0.1650.47及之前的版本中的TLS实现过程中的net/socket/ssl_client_socket_nss.cc文件中存在安全漏洞,该漏洞源于在重新协商期间程序没有确认服务器的X.509证书是否相同。远程攻击者可借助重新协商会话利用该漏洞干扰信任关系。
CVSS Information
N/A
Vulnerability Type
N/A