Vulnerability Details CVE-2011-3367
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.3%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2011-3367
-
cpe:2.3:a:arora-browser:arora:0.11.0