Security Advisory

CVE-2014-1771

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-06-11 01:00:00

Last updated 2024-08-06 09:50:11

Assigner microsoft

State PUBLISHED

Description

SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a servers X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "TLS Server Certificate Renegotiation Vulnerability."

← Browse all CVEs View on cve.org ↗