Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2015-0342)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.67465EPSS
Exploits4References27
NVD
NVD
added 2015/04/08 10:59 a.m.20 views

CVE-2015-0799

The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header...

4.3CVSS6.2AI score0.01174EPSS
Exploits0References7
CVE
CVE
added 2015/04/08 10:0 a.m.138 views

CVE-2015-0799

Summary: Mozilla Firefox before 37.0.1 is affected by CVE-2015-0799 due to the HTTP Alt-Svc feature, which allows a man‑in‑the‑middle attacker to bypass X.509 certificate verification by directing the client to a chosen server via the uri-host in an Alt-Svc header. Impact: potential MITM disclosu...

4.3CVSS9.1AI score0.01174EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/04/08 12:0 a.m.27 views

Ubuntu 14.04 LTS : Firefox vulnerability (USN-2557-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2557-1 advisory. Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some...

4.3CVSS8.3AI score0.01174EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/04/07 10:3 a.m.70 views

USN-2557-1: Firefox vulnerability

Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some circumstances. A remote attacker could potentially exploit this to conduct a machine-in-the-middle attack. CVE-2015-0799...

4.3CVSS8.4AI score0.01174EPSS
Exploits0
OSV
OSV
added 2015/04/07 10:3 a.m.2 views

USN-2557-1 firefox vulnerability

Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some circumstances. A remote attacker could potentially exploit this to conduct a machine-in-the-middle attack. CVE-2015-0799...

4.3CVSS7.3AI score0.01174EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2015/04/06 12:0 a.m.78 views

KLA10531 Security bypass vulnerabilities in Mozilla Firefox

Multiple serious vulnerabilities have been found in Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities 1. Lack of privileges restrictions can be exploited remotely via vectors related to reader mode. Firefox for...

5CVSS9.3AI score0.02235EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/04/06 12:0 a.m.35 views

Mozilla Firefox SSL Certificate Verification Bypass Vulnerability (Apr 2015) - Windows

Mozilla Firefox is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

4.3CVSS9.4AI score0.01174EPSS
Exploits0References1
Rows per page
Query Builder