Mozilla.Network.Security.Services.RSA.Signature.Forgery

description-logoDescription

This indicates an attack attempt against a Cryptographic vulnerability in Mozilla Network Security Services.
The vulnerability is due to improper verification of cryptographic signatures in the affected library. A remote attacker may exploit this to access sensitive information via a forged certificate.

affected-products-logoAffected Products

Mozilla Foundation Network Security Services prior to 3.16.2.1
Mozilla Foundation Network Security Services prior to 3.16.5
Mozilla Foundation Network Security Services prior to 3.17.1

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.
https://www.mozilla.org/security/announce/2014/mfsa2014-73.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)