7.5

CVE-2014-1568

EPSS 35.36%
Published 25.09.2014 17:55:04
Last modified 12.04.2025 10:46:40
Source security@mozilla.org
Teams watchlist Login
Open Login

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.

Affected products Warnungen 0 Metrics 2 CWE 0 References 37

Data is provided by the National Vulnerability Database (NVD)

Google ≫ Chrome Version <= 37.0.2062.120

Apple ≫ macOS X
Microsoft ≫ Windows

Mozilla ≫ Firefox Version <= 32.0

Mozilla ≫ Firefox Version31.0

Mozilla ≫ Firefox Version31.1.0

Mozilla ≫ Firefox Version32.0.1

Mozilla ≫ Firefox Version32.0.2

Mozilla ≫ Firefox ESR Version24.8.0

Mozilla ≫ Network Security Services Version <= 3.16.2.0

Mozilla ≫ Network Security Services Version3.2

Mozilla ≫ Network Security Services Version3.2.1

Mozilla ≫ Network Security Services Version3.3

Mozilla ≫ Network Security Services Version3.3.1

Mozilla ≫ Network Security Services Version3.3.2

Mozilla ≫ Network Security Services Version3.4

Mozilla ≫ Network Security Services Version3.4.1

Mozilla ≫ Network Security Services Version3.4.2

Mozilla ≫ Network Security Services Version3.5

Mozilla ≫ Network Security Services Version3.6

Mozilla ≫ Network Security Services Version3.6.1

Mozilla ≫ Network Security Services Version3.7

Mozilla ≫ Network Security Services Version3.7.1

Mozilla ≫ Network Security Services Version3.7.2

Mozilla ≫ Network Security Services Version3.7.3

Mozilla ≫ Network Security Services Version3.7.5

Mozilla ≫ Network Security Services Version3.7.7

Mozilla ≫ Network Security Services Version3.8

Mozilla ≫ Network Security Services Version3.9

Mozilla ≫ Network Security Services Version3.11.2

Mozilla ≫ Network Security Services Version3.11.3

Mozilla ≫ Network Security Services Version3.11.4

Mozilla ≫ Network Security Services Version3.11.5

Mozilla ≫ Network Security Services Version3.12

Mozilla ≫ Network Security Services Version3.12.1

Mozilla ≫ Network Security Services Version3.12.2

Mozilla ≫ Network Security Services Version3.12.3

Mozilla ≫ Network Security Services Version3.12.3.1

Mozilla ≫ Network Security Services Version3.12.3.2

Mozilla ≫ Network Security Services Version3.12.4

Mozilla ≫ Network Security Services Version3.12.5

Mozilla ≫ Network Security Services Version3.12.6

Mozilla ≫ Network Security Services Version3.12.7

Mozilla ≫ Network Security Services Version3.12.8

Mozilla ≫ Network Security Services Version3.12.9

Mozilla ≫ Network Security Services Version3.12.10

Mozilla ≫ Network Security Services Version3.12.11

Mozilla ≫ Network Security Services Version3.14

Mozilla ≫ Network Security Services Version3.14.1

Mozilla ≫ Network Security Services Version3.14.2

Mozilla ≫ Network Security Services Version3.14.3

Mozilla ≫ Network Security Services Version3.14.4

Mozilla ≫ Network Security Services Version3.14.5

Mozilla ≫ Network Security Services Version3.15

Mozilla ≫ Network Security Services Version3.15.1

Mozilla ≫ Network Security Services Version3.15.2

Mozilla ≫ Network Security Services Version3.15.3

Mozilla ≫ Network Security Services Version3.15.3.1

Mozilla ≫ Network Security Services Version3.15.4

Mozilla ≫ Network Security Services Version3.15.5

Mozilla ≫ Network Security Services Version3.16

Mozilla ≫ Network Security Services Version3.16.1

Mozilla ≫ Network Security Services Version3.16.3

Mozilla ≫ Network Security Services Version3.16.4

Mozilla ≫ Seamonkey

Mozilla ≫ Seamonkey Update- Version <= 2.29

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0 Updatealpha

Mozilla ≫ Seamonkey Version1.0 Updatebeta

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Mozilla ≫ Seamonkey Version1.0.3

Mozilla ≫ Seamonkey Version1.0.4

Mozilla ≫ Seamonkey Version1.0.5

Mozilla ≫ Seamonkey Version1.0.6

Mozilla ≫ Seamonkey Version1.0.7

Mozilla ≫ Seamonkey Version1.0.8

Mozilla ≫ Seamonkey Version1.0.9

Mozilla ≫ Seamonkey Version1.1

Mozilla ≫ Seamonkey Version1.1 Updatealpha

Mozilla ≫ Seamonkey Version1.1 Updatebeta

Mozilla ≫ Seamonkey Version1.1.1

Mozilla ≫ Seamonkey Version1.1.2

Mozilla ≫ Seamonkey Version1.1.3

Mozilla ≫ Seamonkey Version1.1.4

Mozilla ≫ Seamonkey Version1.1.5

Mozilla ≫ Seamonkey Version1.1.6

Mozilla ≫ Seamonkey Version1.1.7

Mozilla ≫ Seamonkey Version1.1.8

Mozilla ≫ Seamonkey Version1.1.9

Mozilla ≫ Seamonkey Version1.1.10

Mozilla ≫ Seamonkey Version1.1.11

Mozilla ≫ Seamonkey Version1.1.12

Mozilla ≫ Seamonkey Version1.1.13

Mozilla ≫ Seamonkey Version1.1.14

Mozilla ≫ Seamonkey Version1.1.15

Mozilla ≫ Seamonkey Version1.1.16

Mozilla ≫ Seamonkey Version1.1.17

Mozilla ≫ Seamonkey Version1.1.18

Mozilla ≫ Seamonkey Version1.1.19

Mozilla ≫ Seamonkey Version1.5.0.8

Mozilla ≫ Seamonkey Version1.5.0.9

Mozilla ≫ Seamonkey Version1.5.0.10

Mozilla ≫ Seamonkey Version2.0

Mozilla ≫ Seamonkey Version2.0 Updatealpha_1

Mozilla ≫ Seamonkey Version2.0 Updatealpha_2

Mozilla ≫ Seamonkey Version2.0 Updatealpha_3

Mozilla ≫ Seamonkey Version2.0 Updatebeta_1

Mozilla ≫ Seamonkey Version2.0 Updatebeta_2

Mozilla ≫ Seamonkey Version2.0 Updaterc1

Mozilla ≫ Seamonkey Version2.0 Updaterc2

Mozilla ≫ Seamonkey Version2.0.1

Mozilla ≫ Seamonkey Version2.0.2

Mozilla ≫ Seamonkey Version2.0.3

Mozilla ≫ Seamonkey Version2.0.4

Mozilla ≫ Seamonkey Version2.0.5

Mozilla ≫ Seamonkey Version2.0.6

Mozilla ≫ Seamonkey Version2.0.7

Mozilla ≫ Seamonkey Version2.0.8

Mozilla ≫ Seamonkey Version2.0.9

Mozilla ≫ Seamonkey Version2.0.10

Mozilla ≫ Seamonkey Version2.0.11

Mozilla ≫ Seamonkey Version2.0.12

Mozilla ≫ Seamonkey Version2.0.13

Mozilla ≫ Seamonkey Version2.0.14

Mozilla ≫ Seamonkey Version2.1

Mozilla ≫ Seamonkey Version2.1 Updatealpha1

Mozilla ≫ Seamonkey Version2.1 Updatealpha2

Mozilla ≫ Seamonkey Version2.1 Updatealpha3

Mozilla ≫ Seamonkey Version2.1 Updatebeta1

Mozilla ≫ Seamonkey Version2.1 Updatebeta2

Mozilla ≫ Seamonkey Version2.1 Updatebeta3

Mozilla ≫ Seamonkey Version2.1 Updaterc1

Mozilla ≫ Seamonkey Version2.1 Updaterc2

Mozilla ≫ Seamonkey Version2.2

Mozilla ≫ Seamonkey Version2.2 Updatebeta1

Mozilla ≫ Seamonkey Version2.2 Updatebeta2

Mozilla ≫ Seamonkey Version2.2 Updatebeta3

Mozilla ≫ Seamonkey Version2.10

Mozilla ≫ Seamonkey Version2.10 Updatebeta1

Mozilla ≫ Seamonkey Version2.10 Updatebeta2

Mozilla ≫ Seamonkey Version2.10 Updatebeta3

Mozilla ≫ Seamonkey Version2.10.1

Mozilla ≫ Seamonkey Version2.11

Mozilla ≫ Seamonkey Version2.11 Updatebeta1

Mozilla ≫ Seamonkey Version2.11 Updatebeta2

Mozilla ≫ Seamonkey Version2.11 Updatebeta3

Mozilla ≫ Seamonkey Version2.11 Updatebeta4

Mozilla ≫ Seamonkey Version2.11 Updatebeta5

Mozilla ≫ Seamonkey Version2.11 Updatebeta6

Mozilla ≫ Seamonkey Version2.12

Mozilla ≫ Seamonkey Version2.12 Updatebeta1

Mozilla ≫ Seamonkey Version2.12 Updatebeta2

Mozilla ≫ Seamonkey Version2.12 Updatebeta3

Mozilla ≫ Seamonkey Version2.12 Updatebeta4

Mozilla ≫ Seamonkey Version2.12 Updatebeta5

Mozilla ≫ Seamonkey Version2.12 Updatebeta6

Mozilla ≫ Seamonkey Version2.12.1

Mozilla ≫ Seamonkey Version2.13

Mozilla ≫ Seamonkey Version2.13 Updatebeta1

Mozilla ≫ Seamonkey Version2.13 Updatebeta2

Mozilla ≫ Seamonkey Version2.13 Updatebeta3

Mozilla ≫ Seamonkey Version2.13 Updatebeta4

Mozilla ≫ Seamonkey Version2.13 Updatebeta5

Mozilla ≫ Seamonkey Version2.13 Updatebeta6

Mozilla ≫ Seamonkey Version2.13.1

Mozilla ≫ Seamonkey Version2.13.2

Mozilla ≫ Seamonkey Version2.14

Mozilla ≫ Seamonkey Version2.14 Updatebeta1

Mozilla ≫ Seamonkey Version2.14 Updatebeta2

Mozilla ≫ Seamonkey Version2.14 Updatebeta3

Mozilla ≫ Seamonkey Version2.14 Updatebeta4

Mozilla ≫ Seamonkey Version2.14 Updatebeta5

Mozilla ≫ Seamonkey Version2.15

Mozilla ≫ Seamonkey Version2.15 Updatebeta1

Mozilla ≫ Seamonkey Version2.15 Updatebeta2

Mozilla ≫ Seamonkey Version2.15 Updatebeta3

Mozilla ≫ Seamonkey Version2.15 Updatebeta4

Mozilla ≫ Seamonkey Version2.15 Updatebeta5

Mozilla ≫ Seamonkey Version2.15 Updatebeta6

Mozilla ≫ Seamonkey Version2.15.1

Mozilla ≫ Seamonkey Version2.15.2

Mozilla ≫ Seamonkey Version2.16

Mozilla ≫ Seamonkey Version2.16 Updatebeta1

Mozilla ≫ Seamonkey Version2.16 Updatebeta2

Mozilla ≫ Seamonkey Version2.16 Updatebeta3

Mozilla ≫ Seamonkey Version2.16 Updatebeta4

Mozilla ≫ Seamonkey Version2.16 Updatebeta5

Mozilla ≫ Seamonkey Version2.16.1

Mozilla ≫ Seamonkey Version2.16.2

Mozilla ≫ Seamonkey Version2.17

Mozilla ≫ Seamonkey Version2.17 Updatebeta1

Mozilla ≫ Seamonkey Version2.17 Updatebeta2

Mozilla ≫ Seamonkey Version2.17 Updatebeta3

Mozilla ≫ Seamonkey Version2.17 Updatebeta4

Mozilla ≫ Seamonkey Version2.17.1

Mozilla ≫ Seamonkey Version2.18 Updatebeta1

Mozilla ≫ Seamonkey Version2.18 Updatebeta2

Mozilla ≫ Seamonkey Version2.18 Updatebeta3

Mozilla ≫ Seamonkey Version2.18 Updatebeta4

Mozilla ≫ Seamonkey Version2.19

Mozilla ≫ Seamonkey Version2.19 Updatebeta1

Mozilla ≫ Seamonkey Version2.19 Updatebeta2

Mozilla ≫ Seamonkey Version2.20

Mozilla ≫ Seamonkey Version2.20 Updatebeta1

Mozilla ≫ Seamonkey Version2.20 Updatebeta2

Mozilla ≫ Seamonkey Version2.20 Updatebeta3

Mozilla ≫ Seamonkey Version2.21 Updatebeta1

Mozilla ≫ Seamonkey Version2.21 Updatebeta2

Mozilla ≫ Seamonkey Version2.22 Updatebeta1

Mozilla ≫ Seamonkey Version2.22 Updatebeta2

Mozilla ≫ Seamonkey Version2.22.1

Mozilla ≫ Seamonkey Version2.23

Mozilla ≫ Seamonkey Version2.23 Updatebeta1

Mozilla ≫ Seamonkey Version2.24

Mozilla ≫ Seamonkey Version2.24 Updatebeta1

Mozilla ≫ Seamonkey Version2.25 Update-

Mozilla ≫ Seamonkey Version2.25 Updatebeta1

Mozilla ≫ Seamonkey Version2.25 Updatebeta2

Mozilla ≫ Seamonkey Version2.25 Updatebeta3

Mozilla ≫ Seamonkey Version2.26 Update-

Mozilla ≫ Seamonkey Version2.26 Updaterc1

Mozilla ≫ Thunderbird Version <= 24.8.0

Mozilla ≫ Thunderbird Version31.0

Mozilla ≫ Thunderbird Version31.1.0

Mozilla ≫ Thunderbird Version31.1.1

Google ≫ Chrome Version <= 37.0.2062.103

Google ≫ Chrome Os

Google ≫ Chrome Version37.0.2062.0

Google ≫ Chrome Os

Google ≫ Chrome Version37.0.2062.3

Google ≫ Chrome Os

Google ≫ Chrome Version37.0.2062.20

Google ≫ Chrome Os

Google ≫ Chrome Version37.0.2062.100

Google ≫ Chrome Os

Google ≫ Chrome Version37.0.2062.102

Google ≫ Chrome Os

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	35.36%	0.969

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

https://security.gentoo.org/glsa/201504-01

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

http://rhn.redhat.com/errata/RHSA-2014-1354.html

http://www.novell.com/support/kb/doc.php?id=7015701

http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html

http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html

http://rhn.redhat.com/errata/RHSA-2014-1307.html

http://rhn.redhat.com/errata/RHSA-2014-1371.html

http://secunia.com/advisories/61540

http://secunia.com/advisories/61574

http://secunia.com/advisories/61575

http://secunia.com/advisories/61576

http://secunia.com/advisories/61583

http://www.debian.org/security/2014/dsa-3033

http://www.debian.org/security/2014/dsa-3034

http://www.debian.org/security/2014/dsa-3037

http://www.kb.cert.org/vuls/id/772676

US Government Resource

http://www.mozilla.org/security/announce/2014/mfsa2014-73.html

Vendor Advisory

http://www.securityfocus.com/bid/70116

http://www.ubuntu.com/usn/USN-2360-1

http://www.ubuntu.com/usn/USN-2360-2

http://www.ubuntu.com/usn/USN-2361-1

https://bugzilla.mozilla.org/show_bug.cgi?id=1064636

https://bugzilla.mozilla.org/show_bug.cgi?id=1069405

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/96194

https://nvd.nist.gov/vuln/detail/CVE-2014-1568

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-1568

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-1568

EUVD