4.3
CVE-2014-1560
- EPSS 1.11%
- Veröffentlicht 23.07.2014 11:12:43
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version <= 24.7
Mozilla ≫ Thunderbird Version24.0
Mozilla ≫ Thunderbird Version24.0.1
Mozilla ≫ Thunderbird Version24.1
Mozilla ≫ Thunderbird Version24.1.1
Mozilla ≫ Thunderbird Version24.2
Mozilla ≫ Thunderbird Version24.3
Mozilla ≫ Thunderbird Version24.4
Mozilla ≫ Thunderbird Version24.5
Mozilla ≫ Thunderbird Version24.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.11% | 0.617 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
https://security.gentoo.org/glsa/201504-01
http://secunia.com/advisories/60628
http://www.securitytracker.com/id/1030619
http://www.securitytracker.com/id/1030620
http://www.mozilla.org/security/announce/2014/mfsa2014-65.html
https://bugzilla.mozilla.org/show_bug.cgi?id=997795