Vulnerability in Gnome Epiphany
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbit…
EPSS: 0.010 (59.6th percentile) — read the EPSS interpretation.
Affected products
- Gnome Epiphany — versions 2.29, 2.28
- N/a — versions n/a
References
- secalert@redhat.com (x_refsource_MISC)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (vdb-entry, x_refsource_VUPEN)
- secalert@redhat.com (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM)
- secalert@redhat.com (vendor-advisory, x_refsource_SUSE)
- secalert@redhat.com (x_refsource_CONFIRM)