Arora-browser : Security Vulnerabilities, CVEs,
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
Max CVSS
5.0
EPSS Score
0.20%
Published
2011-11-29
Updated
2011-11-30
Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.
Max CVSS
5.0
EPSS Score
0.22%
Published
2010-03-24
Updated
2018-10-10
2 vulnerabilities found