KLA10732
Security bypass vulnerability in Mozilla Firefox and Firefox ESR

Обновлено: 03/06/2020

Дата обнаружения	22/12/2015
Уровень угрозы	Warning
Описание	Lack of security enforcement was found in Mozilla Firefox. By exploiting this vulnerability malicious users can conduct man-in-the-middle attack. This vulnerability can be exploited remotely via a collision-based attacks. Technical details This vulnerability caused by not rejecting MD5 signatures in TLS 1.2 Handshake Protocol traffic.
Пораженные продукты	Firefox versions earlier than 43.0.2 Firefox ESR versions earlier than 38.5.2
Решение	Update to the latest version Download Firefox ESR Download Firefox
Первичный источник обнаружения	Mozilla advisory
Оказываемое влияние ?	OSI [?] DoS [?] SB [?] LoI [?]
Связанные продукты	Mozilla Firefox Mozilla Firefox ESR
CVE-IDS	CVE-2015-75754.3Warning
	Узнай статистику распространения уязвимостей в твоем регионе

KLA10732Security bypass vulnerability in Mozilla Firefox and Firefox ESR