Improper Restriction in Mozilla Products' Diffie-Hellman Key Exchange Mechanism
CVE-2014-1491

Currently unrated

Key Information:

Vendor

Mozilla
Status
Network Security Services
Seamonkey
Firefox
Firefox Esr
Vendor
CVE Published:
6 February 2014

What is CVE-2014-1491?

The vulnerability in Mozilla's Network Security Services (NSS) impacts several key products by failing to properly restrict public values during Diffie-Hellman key exchanges. This oversight allows remote attackers the possibility to exploit the handling of tickets, potentially bypassing cryptographic protection mechanisms and compromising the security of user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ubuntu.com/usn/USN-2119-1
vendor-advisoryx_refsource_UBUNTU
http://www.oracle.com/technetwork/topics/security/ovmbull...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1029721
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.