Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

KLA10732 Security bypass vulnerability in Mozilla Firefox and Firefox ESR

🗓️ 22 Dec 2015 00:00:00Reported by Kaspersky LabType 
kaspersky
 kaspersky🔗 threats.kaspersky.com👁 142 Views

Lack of security enforcement in Mozilla Firefox allows remote exploitation for man-in-the-middle attacks via collision-based attacks due to not rejecting MD5 signatures in TLS 1.2 Handshake Protocol traffic. Update to the latest version to mitigate the risk

Show more
Related
Refs
ReporterTitlePublishedViews
Family
Tenable Nessus		Oracle Linux 6 / 7 : gnutls (ELSA-2016-0012)
8 Jan 201600:00
nessus
Tenable Nessus		RHEL 6 / 7 : nss (RHSA-2016:0007) (SLOTH)
8 Jan 201600:00
nessus
Tenable Nessus		openSUSE Security Update : polarssl (openSUSE-2016-60) (SLOTH)
25 Jan 201600:00
nessus
Tenable Nessus		F5 Networks BIG-IP : SLOTH: TLS 1.2 handshake vulnerability (K02201365) (SLOTH)
12 Feb 201600:00
nessus
Tenable Nessus		Ubuntu 14.04 LTS : GnuTLS vulnerability (USN-2865-1)
11 Jan 201600:00
nessus
Tenable Nessus		Scientific Linux Security Update : nss on SL6.x, SL7.x i386/x86_64 (20160107) (SLOTH)
11 Jan 201600:00
nessus
Tenable Nessus		Ubuntu 14.04 LTS : Firefox vulnerability (USN-2866-1)
11 Jan 201600:00
nessus
Tenable Nessus		RHEL 6 / 7 : gnutls (RHSA-2016:0012) (SLOTH)
8 Jan 201600:00
nessus
Tenable Nessus		Ubuntu 12.04 LTS : openssl vulnerability (USN-2863-1) (SLOTH)
8 Jan 201600:00
nessus
Tenable Nessus		Mozilla Firefox < 43.0.2 RSA-MD5 Collision-based Forgery Weakness (SLOTH)
19 Feb 201600:00
nessus
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
22 Dec 2015 00:00Current
6.5Medium risk
Vulners AI Score6.5
CVSS24.3
CVSS35.9
EPSS0.02005
mozilla firefoxfirefox esrsecurity enforcementman-in-the-middle attackremote exploitationcollision-based attacksmd5 signaturestls 1.2updatevulnerabilityremote accessosidossbloiaffected products
142
.json
Report