vendor:
Internet Explorer
by:
Unknown
7.5
CVSS
HIGH
Security-Bypass
Unknown
CWE
Product Name: Internet Explorer
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:microsoft:internet_explorer
Platforms Tested: Windows
Unknown
Multiple Security-Bypass Vulnerabilities in Microsoft Internet Explorer
Microsoft Internet Explorer is prone to multiple security-bypass vulnerabilities because it fails to properly handle encoded values in X.509 certificates. Specifically, it fails to properly distinguish integer sequences that are then recognized as CN (common name) elements. Successful exploits allow attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.
Mitigation:
Unknown