Mozilla.Network.Security.Services.RSA.Signature.Forgery
Description
This indicates an attack attempt against a Cryptographic vulnerability in Mozilla Network Security Services.
The vulnerability is due to improper verification of cryptographic signatures in the affected library. A remote attacker may exploit this to access sensitive information via a forged certificate.
Affected Products
Mozilla Foundation Network Security Services prior to 3.16.2.1
Mozilla Foundation Network Security Services prior to 3.16.5
Mozilla Foundation Network Security Services prior to 3.17.1
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |