Filtered by vendor Arora-browser
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-3367 | 1 Arora-browser | 1 Arora | 2024-11-21 | 5.0 MEDIUM | N/A |
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | |||||
CVE-2010-1100 | 1 Arora-browser | 1 Arora | 2024-11-21 | 5.0 MEDIUM | N/A |
Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. |