Описание
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| iceweasel | fixed | 31.0-1 | package | |
| icedove | fixed | 31.0-1 | package | |
| iceweasel | not-affected | wheezy | package | |
| icedove | not-affected | wheezy | package | |
| iceweasel | end-of-life | squeeze | package | |
| icedove | end-of-life | squeeze | package |
Примечания
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
EPSS
Связанные уязвимости
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559.
Уязвимость программного обеспечения Thunderbird, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS