CVE-2010-0744
Publication date 20 April 2010
Last updated 24 July 2024
Ubuntu priority
aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof an MSN server via an arbitrary certificate.
Status
Package | Ubuntu Release | Status |
---|---|---|
amsn | ||
Patch details
Package | Patch details |
---|---|
amsn |