The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) prior to 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle malicious users to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla network security services 3.12.1 |
||
mozilla network security services 3.12.10 |
||
mozilla network security services 3.12.5 |
||
mozilla network security services 3.12.6 |
||
mozilla network security services 3.12.7 |
||
mozilla network security services 3.14.4 |
||
mozilla network security services 3.14.5 |
||
mozilla network security services 3.3 |
||
mozilla network security services 3.3.1 |
||
mozilla network security services 3.6.1 |
||
mozilla network security services 3.7 |
||
mozilla network security services 3.7.1 |
||
mozilla network security services 3.11.2 |
||
mozilla network security services 3.12.11 |
||
mozilla network security services 3.12.2 |
||
mozilla network security services 3.12.8 |
||
mozilla network security services 3.12.9 |
||
mozilla network security services 3.15 |
||
mozilla network security services 3.15.1 |
||
mozilla network security services 3.3.2 |
||
mozilla network security services 3.4 |
||
mozilla network security services 3.7.2 |
||
mozilla network security services 3.7.3 |
||
mozilla network security services 3.11.3 |
||
mozilla network security services 3.11.4 |
||
mozilla network security services 3.12.3 |
||
mozilla network security services 3.12.3.1 |
||
mozilla network security services 3.14 |
||
mozilla network security services 3.14.1 |
||
mozilla network security services 3.15.2 |
||
mozilla network security services |
||
mozilla network security services 3.4.1 |
||
mozilla network security services 3.4.2 |
||
mozilla network security services 3.7.5 |
||
mozilla network security services 3.7.7 |
||
mozilla network security services 3.11.5 |
||
mozilla network security services 3.12 |
||
mozilla network security services 3.12.3.2 |
||
mozilla network security services 3.12.4 |
||
mozilla network security services 3.14.2 |
||
mozilla network security services 3.14.3 |
||
mozilla network security services 3.2 |
||
mozilla network security services 3.2.1 |
||
mozilla network security services 3.5 |
||
mozilla network security services 3.6 |
||
mozilla network security services 3.8 |
||
mozilla network security services 3.9 |