Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox DNS解析程序信息泄露
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 基于Android平台的Mozilla Firefox 36.0.4及之前版本的DNS解析程序中的PRNG实现过程中存在安全漏洞,该漏洞源于程序没有正确生成用于查询ID值和UDP源端口的随机数。远程攻击者可通过猜测随机数利用该漏洞伪造DNS响应。
CVSS Information
N/A
Vulnerability Type
N/A