Back to search
CVE-2011-0082
Published: Jun 6, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The X.509 certificate validation functionality in Mozilla Firefox 4.0.x through 4.0.1 does not properly implement single-session security exceptions, which might make it easier for user-assisted remote attackers to spoof an SSL server via an untrusted certificate that triggers potentially unwanted local caching of documents from that server.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
48064
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=709165
x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627552
x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=660749
x_refsource_CONFIRM
[oss-security] 20110531 Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page
mailing-list
x_refsource_MLIST
[oss-security] 20110531 CVE request: firefox doesn't (re)validate certificates when loading HTTPS page
mailing-list
x_refsource_MLIST
oval:org.mitre.oval:def:14145
vdb-entry
signature
x_refsource_OVAL
[oss-security] 20110531 Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page
mailing-list
x_refsource_MLIST
[oss-security] 20110531 Re: CVE request: firefox doesn't (re)validate certificates when loading HTTPS page
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now