CVE-2014-8642
CVSS v2.0
4.3 (Medium)
EPSS
0.34 % (72th)
Affected Products
3
Advisories
3
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.
Weaknesses
- CWE-310
- Cryptographic Issues
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2015-01-14 11:59:10
(9 years ago) - Updated Date
-
2018-10-30 16:27:35
(5 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...