Lucene search
K

6 matches found

Check Point Advisories
Check Point Advisories
added 2015/03/18 12:0 a.m.1 views

Mozilla Firefox WebRTC Man-in-the-Middle Attack (CVE-2015-0834)

A security bypass vulnerability has been reported in Mozilla Firefox browser. The vulnerability is due to a weakness in the WebRTC protocol. The vulnerability can be exploited through the use of a man-in-the-middle attack. Successful exploitation would allow attackers to decrypt online traffic...

4.3CVSS8.8AI score0.01259EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/02 12:0 a.m.66 views

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2015-185)

MozillaFirefox, mozilla-nss were updated to fix 18 security issues. MozillaFirefox was updated to version 36.0. These security issues were fixed : - CVE-2015-0835, CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0832: Appended period to hostnames can bypass HPKP and HSTS protections...

7.5CVSS7.1AI score0.06029EPSS
Exploits4References20
OpenVAS
OpenVAS
added 2015/03/02 12:0 a.m.35 views

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:0404-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2015/03/01 11:4 a.m.40 views

Security update for MozillaFirefox, mozilla-nss (important)

MozillaFirefox, mozilla-nss were updated to fix 18 security issues. MozillaFirefox was updated to version 36.0. These security issues were fixed: - CVE-2015-0835, CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0832: Appended period to hostnames can bypass HPKP and HSTS protections ...

7.5CVSS0.4AI score0.06029EPSS
Exploits4References2
NVD
NVD
added 2015/02/25 11:59 a.m.15 views

CVE-2015-0834

The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time...

4.3CVSS6.1AI score0.01259EPSS
Exploits0References9
CVE
CVE
added 2015/02/25 11:0 a.m.117 views

CVE-2015-0834

CVE-2015-0834 affects Mozilla Firefox prior to 36.0, where the WebRTC subsystem accepts TURN/STUN URIs without TLS, enabling a man-in-the-middle to potentially discover credentials by spoofing a server and brute-forcing within a short window. Public documents indicate remediation via upgrading Fi...

4.3CVSS9AI score0.01259EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder