CVE-2010-3312
published 2010-10-14CVE-2010-3312: Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without…
PriorityP424medium5.8CVSS 2.0
AVNACMAuNCPIPAN
EPSS
1.04%
59.6th percentile
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| christian_dywan | midori | <= 0.2.4 | — |
| christian_dywan | midori | — | — |
| christian_dywan | midori | — | — |
| christian_dywan | midori | — | — |
| christian_dywan | midori | — | — |
| christian_dywan | midori | — | — |
| christian_dywan | midori | >= 0 < 0.2.7-1.1 | 0.2.7-1.1 |
| debian | epiphany-browser | < epiphany-browser 2.29.91-1 (bookworm) | epiphany-browser 2.29.91-1 (bookworm) |
| debian | midori | < midori 0.2.7-1.1 (bullseye) | midori 0.2.7-1.1 (bullseye) |
| gnome | epiphany | — | — |
| gnome | epiphany | — | — |
CVSS provenance
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
osv5.8MEDIUM
vendor_debian5.8LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2010-3312: epiphany-browser - Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displa...
vendor_debian·2010·CVSS 5.8
CVE-2010-3312 [MEDIUM] CVE-2010-3312: epiphany-browser - Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displa...
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
Scope: local
bookworm: resolved (fixed in 2.29.91-1)
bullseye: resolved (fixed in 2.29.91-1)
forky: resolved (fixed in 2.29.91-1)
sid: resolved (fixed in 2.29.91-1)
trixie: resolved (fixed in 2.29.91-1)
Debian
CVE-2010-3900: midori - Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is ...
vendor_debian·2010·CVSS 5.8
CVE-2010-3900 [MEDIUM] CVE-2010-3900: midori - Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is ...
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312.
Scope: local
bullseye: resolved (fixed in 0.2.7-1.1)
GHSA
GHSA-x27m-58m8-qvm6: Midori before 0
ghsa_unreviewed·2022-05-17·CVSS 5.8
CVE-2010-3900 [MEDIUM] GHSA-x27m-58m8-qvm6: Midori before 0
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312.
GHSA
GHSA-mwx6-jr67-8329: Epiphany 2
ghsa_unreviewed·2022-05-17
CVE-2010-3312 [MEDIUM] GHSA-mwx6-jr67-8329: Epiphany 2
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
OSV
CVE-2010-3312: Epiphany 2
osv·2010-10-14·CVSS 5.8
CVE-2010-3312 [MEDIUM] CVE-2010-3312: Epiphany 2
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
OSV
CVE-2010-3900: Midori before 0
osv·2010-10-14·CVSS 5.8
CVE-2010-3900 [MEDIUM] CVE-2010-3900: Midori before 0
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-3900 Midori: When used with WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 does not verify X.509 certificates
bugzilla·2010-10-15·CVSS 5.8
CVE-2010-3900 [MEDIUM] CVE-2010-3900 Midori: When used with WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 does not verify X.509 certificates
CVE-2010-3900 Midori: When used with WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 does not verify X.509 certificates
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-3900 to
the following vulnerability:
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before
2.29.91 is used, does not verify X.509 certificates, which allows
man-in-the-middle attackers to spoof arbitrary https web sites via a
crafted server certificate, a related issue to CVE-2010-3312.
References:
[1] http://www.openwall.com/lists/oss-security/2010/09/17/6
[2] http://www.omgubuntu.co.uk/2010/05/midori-0-2-5-released/
[3] http://www.twotoasts.de/bugs/index.php?do=details&task_id=743
[4] http://git.xfce.org/apps/midori/tree/ChangeLog
[5] http://www.twotoasts.de/bugs/index.php?do=detai
Bugzilla
epiphany: MITM attacker can intercept background SSL connections without warning
bugzilla·2010-10-14
[MEDIUM] epiphany: MITM attacker can intercept background SSL connections without warning
epiphany: MITM attacker can intercept background SSL connections without warning
Created attachment 453599
Test kit for Epiphany "cross-certificate scripting"
Description of problem:
Epiphany is willing to connect to an SSL server regardless of the certificate, though it only shows the unbroken lock if the main HTML page was received under a good certificate. Whether this kind of policy is advisable at all is controversial in the Fedora community (see https://lists.fedoraproject.org/pipermail/devel/2010-April/135269.html). But apart from that, the Epiphany implementation suffers from behaviors I think we can objectively consider to be security holes. Here's one.
In my testing, after Epiphany connects to a server and downloads an HTML page with multiple embedded items, it opens one or mo
Bugzilla
CVE-2010-3312 epiphany: no longer verifies SSL certificates [fedora-all]
bugzilla·2010-09-23·CVSS 5.8
CVE-2010-3312 [MEDIUM] CVE-2010-3312 epiphany: no longer verifies SSL certificates [fedora-all]
CVE-2010-3312 epiphany: no longer verifies SSL certificates [fedora-all]
fedora-12 tracking bug for epiphany: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
This message is a reminder that Fedora 12 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 12. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora
'version' of '12'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a curr
Bugzilla
CVE-2010-3312 epiphany: no longer verifies SSL certificates
bugzilla·2010-09-23·CVSS 5.8
CVE-2010-3312 [MEDIUM] CVE-2010-3312 epiphany: no longer verifies SSL certificates
CVE-2010-3312 epiphany: no longer verifies SSL certificates
A Debian bug report [1] reported that newer versions of Epiphany no longer verify certificates for HTTPS connections. This was previously reported upstream [2] and has been fixed in Git [3],[4].
This has been fixed in the upstream version as provided by Fedora 13 (2.30.2), but still affects Fedora 12's version (2.28.2).
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690
[2] https://bugzilla.gnome.org/show_bug.cgi?id=600663
[3] http://git.gnome.org/browse/epiphany/commit/?id=3e0f7dea754381c5ad11a06ccc62eb153382b498
[4] http://git.gnome.org/browse/epiphany/commit/?id=f3ed2a94694b698bb3cb38bb08a741364fe2df9b
Discussion:
Created epiphany tracking bugs for this issue
Affects: fedora-12 [bug 636934]
---
Testing with the
http://blog.fefe.de/?ts=b26ca29dhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690http://bugzilla-attachments.gnome.org/attachment.cgi?id=154330http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/43068http://www.openwall.com/lists/oss-security/2010/09/17/10http://www.openwall.com/lists/oss-security/2010/09/17/12http://www.openwall.com/lists/oss-security/2010/09/17/13http://www.openwall.com/lists/oss-security/2010/09/17/5http://www.openwall.com/lists/oss-security/2010/09/17/6http://www.openwall.com/lists/oss-security/2010/09/20/2http://www.openwall.com/lists/oss-security/2010/09/21/5http://www.vupen.com/english/advisories/2011/0212https://bugzilla.gnome.org/show_bug.cgi?id=600663http://blog.fefe.de/?ts=b26ca29dhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690http://bugzilla-attachments.gnome.org/attachment.cgi?id=154330http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/43068http://www.openwall.com/lists/oss-security/2010/09/17/10http://www.openwall.com/lists/oss-security/2010/09/17/12http://www.openwall.com/lists/oss-security/2010/09/17/13http://www.openwall.com/lists/oss-security/2010/09/17/5http://www.openwall.com/lists/oss-security/2010/09/17/6http://www.openwall.com/lists/oss-security/2010/09/20/2http://www.openwall.com/lists/oss-security/2010/09/21/5http://www.vupen.com/english/advisories/2011/0212https://bugzilla.gnome.org/show_bug.cgi?id=600663
2010-10-14
Published