Дата обнаружения
|
22/12/2015 |
Уровень угрозы
|
Warning |
Описание
|
Lack of security enforcement was found in Mozilla Firefox. By exploiting this vulnerability malicious users can conduct man-in-the-middle attack. This vulnerability can be exploited remotely via a collision-based attacks. Technical details This vulnerability caused by not rejecting MD5 signatures in TLS 1.2 Handshake Protocol traffic. |
Пораженные продукты
|
Firefox versions earlier than 43.0.2 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Mozilla advisory |
Оказываемое влияние
?
|
OSI
[?]
DoS
[?]
SB
[?]
LoI
[?]
|
Связанные продукты
|
Mozilla Firefox Mozilla Firefox ESR |
CVE-IDS
|
|
Узнай статистику распространения уязвимостей в твоем регионе |