Published: 23/07/2014 Updated: 07/01/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 allow remote malicious users to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla thunderbird 24.6
mozilla thunderbird 24.5
mozilla thunderbird 24.0
mozilla firefox
mozilla thunderbird 24.0.1
mozilla thunderbird 24.1
mozilla thunderbird 24.1.1
mozilla thunderbird 24.2
mozilla thunderbird
mozilla thunderbird 24.3
mozilla thunderbird 24.4

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Several security issues were fixed in Thunderbird ...

Mozilla Foundation Security Advisory 2014-65 Certificate parsing broken by non-standard character encoding Announced July 22, 2014 Reporter Christian Holler Impact Moderate Products Firefox, Thunderbird Fixed in ...

NVD-CWE-Other http://www.mozilla.org/security/announce/2014/mfsa2014-65.html https://bugzilla.mozilla.org/show_bug.cgi?id=1026022 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://security.gentoo.org/glsa/201504-01 http://www.securitytracker.com/id/1030620 http://www.securitytracker.com/id/1030619 http://secunia.com/advisories/60628 https://nvd.nist.gov https://usn.ubuntu.com/2295-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-1559

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect