Mozilla Firefox and SeaMonkey Trust Vulnerability
CVE-2014-8642

Currently unrated

Key Information:

Vendor

Mozilla
Status
Seamonkey
Vendor
CVE Published:
14 January 2015

What is CVE-2014-8642?

Older versions of Mozilla Firefox and SeaMonkey do not properly validate the id-pkix-ocsp-nocheck extension, which can lead to an increased risk of accepting compromised and revoked certificates. This flaw allows remote attackers to intercept and sniff network traffic, potentially exposing sensitive information during sessions that incorrectly trust invalid certificates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/62242
third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id/1031533
vdb-entryx_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2015...
vendor-advisoryx_refsource_SUSE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.