Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Browser Non-FQDN SSL证书欺骗漏洞
Vulnerability Description
Mozilla 1.7之前版本, Firefox 0.9之前版本, 以及Thunderbird 0.7之前版本中的cert_TestHostName函数存在漏洞。该漏洞在URI的主机名部分不是完全合格的域名称(FQDN)时检查证书的主机名部分,远程攻击者可以欺骗受信任的证书。
CVSS Information
N/A
Vulnerability Type
N/A