Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-1568
Description:Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.
Test IDs: 1.3.6.1.4.1.25623.1.0.882035   1.3.6.1.4.1.25623.1.0.804927   1.3.6.1.4.1.25623.1.0.804926   1.3.6.1.4.1.25623.1.0.703034   1.3.6.1.4.1.25623.1.0.804920   1.3.6.1.4.1.25623.1.0.804922   1.3.6.1.4.1.25623.1.0.804923   1.3.6.1.4.1.25623.1.0.804921   1.3.6.1.4.1.25623.1.0.804925   1.3.6.1.4.1.25623.1.0.703037   1.3.6.1.4.1.25623.1.0.804918   1.3.6.1.4.1.25623.1.0.804919   1.3.6.1.4.1.25623.1.0.841982   1.3.6.1.4.1.25623.1.0.871251   1.3.6.1.4.1.25623.1.0.882038   1.3.6.1.4.1.25623.1.0.850617   1.3.6.1.4.1.25623.1.0.804924   1.3.6.1.4.1.25623.1.0.882036   1.3.6.1.4.1.25623.1.0.841983   1.3.6.1.4.1.25623.1.0.703033   1.3.6.1.4.1.25623.1.0.841985   1.3.6.1.4.1.25623.1.0.120184   1.3.6.1.4.1.25623.1.0.120186   1.3.6.1.4.1.25623.1.0.120183   1.3.6.1.4.1.25623.1.0.123298   1.3.6.1.4.1.25623.1.0.850832   1.3.6.1.4.1.25623.1.0.851008   1.3.6.1.4.1.25623.1.0.850899   1.3.6.1.4.1.25623.1.1.4.2014.1220.4   1.3.6.1.4.1.25623.1.1.4.2014.1220.1   1.3.6.1.4.1.25623.1.1.4.2014.1220.3   1.3.6.1.4.1.25623.1.1.4.2014.1220.2  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-1568
BugTraq ID: 70116
http://www.securityfocus.com/bid/70116
CERT/CC vulnerability note: VU#772676
http://www.kb.cert.org/vuls/id/772676
Debian Security Information: DSA-3033 (Google Search)
http://www.debian.org/security/2014/dsa-3033
Debian Security Information: DSA-3034 (Google Search)
http://www.debian.org/security/2014/dsa-3034
Debian Security Information: DSA-3037 (Google Search)
http://www.debian.org/security/2014/dsa-3037
https://security.gentoo.org/glsa/201504-01
RedHat Security Advisories: RHSA-2014:1307
http://rhn.redhat.com/errata/RHSA-2014-1307.html
RedHat Security Advisories: RHSA-2014:1354
http://rhn.redhat.com/errata/RHSA-2014-1354.html
RedHat Security Advisories: RHSA-2014:1371
http://rhn.redhat.com/errata/RHSA-2014-1371.html
http://secunia.com/advisories/61540
http://secunia.com/advisories/61574
http://secunia.com/advisories/61575
http://secunia.com/advisories/61576
http://secunia.com/advisories/61583
SuSE Security Announcement: SUSE-SU-2014:1220 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html
SuSE Security Announcement: openSUSE-SU-2014:1224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html
SuSE Security Announcement: openSUSE-SU-2014:1232 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html
http://www.ubuntu.com/usn/USN-2360-1
http://www.ubuntu.com/usn/USN-2360-2
http://www.ubuntu.com/usn/USN-2361-1
XForce ISS Database: mozilla-nss-cve20141568-sec-bypass(96194)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96194




© 1998-2024 E-Soft Inc. All rights reserved.