CVE-2014-1560

Published: Jul 23, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.

Affected (11)

Products: Mozilla: Firefox, Thunderbird

2 products

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Up to 30.0
Mozilla Thunderbird	Up to 24.7
Mozilla Thunderbird	Version 24.0.1
Mozilla Thunderbird	Version 24.0
Mozilla Thunderbird	Version 24.1.1
Mozilla Thunderbird	Version 24.1
Mozilla Thunderbird	Version 24.2
Mozilla Thunderbird	Version 24.3
Mozilla Thunderbird	Version 24.4
Mozilla Thunderbird	Version 24.5
Mozilla Thunderbird	Version 24.6

References (12)

http://secunia.com/advisories/60628

Source: security@mozilla.org

http://www.mozilla.org/security/announce/2014/mfsa2014-65.html

Source: security@mozilla.org

Vendor Advisory

http://www.securitytracker.com/id/1030619

Source: security@mozilla.org

http://www.securitytracker.com/id/1030620

Source: security@mozilla.org

https://bugzilla.mozilla.org/show_bug.cgi?id=997795

Source: security@mozilla.org

https://security.gentoo.org/glsa/201504-01

Source: security@mozilla.org

http://secunia.com/advisories/60628

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mozilla.org/security/announce/2014/mfsa2014-65.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1030619

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030620

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/show_bug.cgi?id=997795

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201504-01

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.