KLA10446
CI vulnerability in Mozilla products
Updated: 11/06/2018
CVSS
?
6.8
Detect date
?
01/13/2015
Severity
?
High
Description

Improper interpretation of HTTP headers was found in Mozilla products. By exploiting this vulnerability malicious users can inject cookie. This vulnerability can be exploited via specially designed HTTP headers.

Affected products

Mozilla Firefox earlier than 35
Mozilla Firefox ESR earlier than 31.4
Mozilla SeaMonkey earlier than 2.32
Mozilla Thunderbird earlier than 31.4

Solution

Update to latest version
Get Thunderbird
Get Firefox
Get SeaMonkey

Original advisories

MFSA

Impacts
?
CI 
[?]
Related products
Mozilla Firefox
Mozilla Thunderbird
Mozilla SeaMonkey
Mozilla Firefox ESR
CVE-IDS
?

CVE-2014-8639