The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to trigger a service failure

The Mozilla SeaMonkey browser contains a vulnerability related to errors in the implementation of a certain type of key verification mechanism in the cryptoGenerateCRMFRequest method. Exploiting this vulnerability allows malicious actors to induce a service failure abnormal termination of the...

Mozilla多个产品crypto.generateCRMFRequest拒绝服务漏洞

CVE ID:CVE-2014-1498 Mozilla Firefox/SeaMonkey是Mozilla所发布的WEB浏览器/新闻组客户端。 Mozilla多个产品在生成ec-dual-use请求时crypto.generateCRFMRequest方法没有正确校验KeyParams参数的键值类型，允许攻击者利用漏洞进行拒绝服务攻击，使应用程序崩溃。 0 Mozilla Firefox 27 Mozilla Seamonkey 2.24 Mozilla Firefox 28，Seamonkey 2.25已经修复该漏洞，建议用户下载更新： http://www.mozilla.org...

Design/Logic Flaw

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service application crash via vectors that trigger generation of a key that supports the Elliptic Curve...

CVE-2014-1498

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service application crash via vectors that trigger generation of a key that supports the Elliptic Curve...

CVE-2014-1498

CVE-2014-1498 : The vulnerability affects Mozilla Firefox before 28.0 and SeaMonkey before 2.25, where crypto.generateCRMFRequest fails to validate a specific key type. This can cause remote crashes/DoS via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algo...

CVE-2014-1498

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service application crash via vectors that trigger generation of a key that supports the Elliptic Curve...