CVE-2015-2319

Published: Jan 8, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

USN-2547-1

vendor-advisory

x_refsource_UBUNTU

73250

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=1202869

x_refsource_CONFIRM

https://mitls.org/pages/attacks/SMACK#freak

x_refsource_MISC

[oss-security] 20150317 Re: Mono TLS vulnerabilities

mailing-list

x_refsource_MLIST

http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/

x_refsource_CONFIRM

DSA-3202

vendor-advisory

x_refsource_DEBIAN

https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-2319

Description

Affected Products

References