OSVDB ID: 86530 Title: Mozilla Firefox Invalid Certificate Silent Installation Weakness |
Info |
|
|
Dates |
||||
|
|
Description |
Mozilla Firefox contains a flaw that is triggered when objects with invalid, expired, or missing certificates are installed silently without a warning message. This may allow a remote attacker to more easily compromise a user's system. |
Classification |
Location:
Context Dependent
Attack Type: Cryptographic, Other Impact: Loss of Integrity Solution: Upgrade Exploit: Exploit Public Disclosure: Vendor Verified OSVDB: Web Related |
Solution |
Upgrade to version 15 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
References |
|
Credit |
Unknown or Incomplete |