Published: 18/08/2004 Updated: 11/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The cert_TestHostName function in Mozilla prior to 1.7, Firefox prior to 0.9, and Thunderbird prior to 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote malicious users to spoof trusted certificates.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla thunderbird
mozilla firefox
mozilla mozilla

Synopsis mozilla security update Type/Severity Security Advisory: Critical Topic Updated mozilla packages based on version 143 that fix a number ofsecurity issues for Red Hat Enterprise Linux are now available Description Mozilla is an open source Web browser, advanced email and newsgrou ...

NVD-CWE-Other http://bugzilla.mozilla.org/show_bug.cgi?id=234058 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7 http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://marc.info/?l=bugtraq&m=109900315219363&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11162 https://access.redhat.com/errata/RHSA-2004:421 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0765

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect