Mozilla multiple addons upgrade weakness

2007-05-30T00:00:00
ID SECURITYVULNS:VULN:7759
Type securityvulns
Reporter FULL-DISCLOSURE
Modified 2007-05-30T00:00:00

Description

Upgrade mechanism of multiple addons allows upgrade via unsecure HTTP connection without using of SSL/TLS certificates, makeing active man-in-the-middle attacks possible.