2 matches found
The vulnerability of Thunderbird email client, Firefox and Firefox ESR browsers, arises from improper validation of an empty sequence “pkcs7” when it is transmitted as part of the certificate data. This allows attackers to execute a DoS (Denial-of-Service) attack.
The vulnerability of the Thunderbird email client, as well as browsers Firefox and Firefox ESR, is related to improper validation of an empty pkcs7 sequence that is transmitted as part of the certificate data. Exploiting this vulnerability allows a remote attacker to send a specially crafted...
Mozilla: Crash when handling empty pkcs7 sequence
The Mozilla Foundation Security Advisory describes this flaw as: After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable...