VYPR
Vendor

Arora Browser

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2011-3367Nov 29, 2011
    risk 0.00cvss epss 0.01

    Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.

  • CVE-2010-1100Mar 24, 2010
    risk 0.00cvss epss 0.01

    Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.