Vulnerabilities > Arora Browser

DATE CVE VULNERABILITY TITLE RISK
2011-11-29 CVE-2011-3367 Improper Input Validation vulnerability in Arora-Browser Arora 0.11.0
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
network
low complexity
arora-browser CWE-20
5.0
2010-03-24 CVE-2010-1100 Numeric Errors vulnerability in Arora-Browser Arora
Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.
network
low complexity
arora-browser CWE-189
5.0