Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Mozilla产品加密问题漏洞
Vulnerability Description
Mozilla Firefox、SeaMonkey和Thunderbird都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器。SeaMonkey是一套免费、开源以及跨平台的网络套装软件。Thunderbird是从Mozilla Application Suite中独立出来的一套电子邮件客户端软件。 多款Mozilla产品中存在加密问题漏洞,该漏洞源于程序没有正确处理用户已移除对EV X.509证书的信任。远程攻击者可借助有效的证书利用该漏洞实施中间人攻击欺骗SSL服务器。以下产品及版
CVSS Information
N/A
Vulnerability Type
N/A