CVE-2014-1492
Vulnerability from cvelistv5
Published
2014-03-25 01:00
Modified
2024-08-06 09:42
Severity ?
Summary
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
References
security@mozilla.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
security@mozilla.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html
security@mozilla.orghttp://seclists.org/fulldisclosure/2014/Dec/23
security@mozilla.orghttp://secunia.com/advisories/59866
security@mozilla.orghttp://secunia.com/advisories/60621
security@mozilla.orghttp://secunia.com/advisories/60794
security@mozilla.orghttp://www.debian.org/security/2014/dsa-2994
security@mozilla.orghttp://www.mozilla.org/security/announce/2014/mfsa2014-45.html
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
security@mozilla.orghttp://www.securityfocus.com/archive/1/534161/100/0/threaded
security@mozilla.orghttp://www.securityfocus.com/bid/66356
security@mozilla.orghttp://www.ubuntu.com/usn/USN-2159-1
security@mozilla.orghttp://www.ubuntu.com/usn/USN-2185-1
security@mozilla.orghttp://www.vmware.com/security/advisories/VMSA-2014-0012.html
security@mozilla.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=903885
security@mozilla.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1079851
security@mozilla.orghttps://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes
security@mozilla.orghttps://hg.mozilla.org/projects/nss/rev/709d4e597979Exploit, Patch
security@mozilla.orghttps://security.gentoo.org/glsa/201504-01
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Dec/23
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59866
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60621
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60794
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2994
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2014/mfsa2014-45.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/534161/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/66356
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2159-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2185-1
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2014-0012.html
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=903885
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1079851
af854a3a-2127-422b-91ae-364da2661108https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes
af854a3a-2127-422b-91ae-364da2661108https://hg.mozilla.org/projects/nss/rev/709d4e597979Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201504-01
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:42:36.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "name": "DSA-2994",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2994"
          },
          {
            "name": "openSUSE-SU-2014:0599",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html"
          },
          {
            "name": "openSUSE-SU-2014:0629",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-45.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "SUSE-SU-2014:0727",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html"
          },
          {
            "name": "60621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60621"
          },
          {
            "name": "60794",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60794"
          },
          {
            "name": "GLSA-201504-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201504-01"
          },
          {
            "name": "59866",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59866"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=903885"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "SUSE-SU-2014:0665",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://hg.mozilla.org/projects/nss/rev/709d4e597979"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
          },
          {
            "name": "USN-2185-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2185-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079851"
          },
          {
            "name": "66356",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/66356"
          },
          {
            "name": "USN-2159-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2159-1"
          },
          {
            "name": "FEDORA-2014-5829",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "name": "DSA-2994",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2994"
        },
        {
          "name": "openSUSE-SU-2014:0599",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html"
        },
        {
          "name": "openSUSE-SU-2014:0629",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-45.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
        },
        {
          "name": "SUSE-SU-2014:0727",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html"
        },
        {
          "name": "60621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60621"
        },
        {
          "name": "60794",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60794"
        },
        {
          "name": "GLSA-201504-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201504-01"
        },
        {
          "name": "59866",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59866"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=903885"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "SUSE-SU-2014:0665",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://hg.mozilla.org/projects/nss/rev/709d4e597979"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
        },
        {
          "name": "USN-2185-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2185-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079851"
        },
        {
          "name": "66356",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/66356"
        },
        {
          "name": "USN-2159-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2159-1"
        },
        {
          "name": "FEDORA-2014-5829",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2014-1492",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "DSA-2994",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2994"
            },
            {
              "name": "openSUSE-SU-2014:0599",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html"
            },
            {
              "name": "openSUSE-SU-2014:0629",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html"
            },
            {
              "name": "https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes",
              "refsource": "CONFIRM",
              "url": "https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-45.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-45.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "SUSE-SU-2014:0727",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html"
            },
            {
              "name": "60621",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60621"
            },
            {
              "name": "60794",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60794"
            },
            {
              "name": "GLSA-201504-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201504-01"
            },
            {
              "name": "59866",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59866"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=903885",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=903885"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "SUSE-SU-2014:0665",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html"
            },
            {
              "name": "https://hg.mozilla.org/projects/nss/rev/709d4e597979",
              "refsource": "CONFIRM",
              "url": "https://hg.mozilla.org/projects/nss/rev/709d4e597979"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
            },
            {
              "name": "USN-2185-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2185-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1079851",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079851"
            },
            {
              "name": "66356",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/66356"
            },
            {
              "name": "USN-2159-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2159-1"
            },
            {
              "name": "FEDORA-2014-5829",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2014-1492",
    "datePublished": "2014-03-25T01:00:00",
    "dateReserved": "2014-01-16T00:00:00",
    "dateUpdated": "2024-08-06T09:42:36.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-1492\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2014-03-25T13:25:38.493\",\"lastModified\":\"2024-11-21T02:04:23.733\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name\u0027s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n cert_TestHostName en lib/certdb/certdb.c en la implementaci\u00f3n de comprobaci\u00f3n de certificado en Mozilla Network Security Services (NSS) anterior a 3.16 acepta un car\u00e1cter comod\u00edn que est\u00e1 embebido en U-label de un nombre de dominio internacionalizado, lo que podr\u00eda permitir a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.15.5\",\"matchCriteriaId\":\"204AD77A-1AE4-4B3D-AEBB-ED8A36F3669F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44E0E1D0-F71C-4A3F-B3EE-97B299EF2AE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47CD4C15-02C8-42F2-9AF3-E44F74DE62B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DDE473-7A61-46AD-9D3B-CA299928FD44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"046596DB-57EB-4354-A79E-B3B1D5B4DD26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0755B957-CB78-4B8E-9CFE-D53389789ADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D292FA-E062-4C52-AE0A-CA7D183D9E2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E1A0EA-9E2F-407F-A72F-D5061B6CD318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B565D82B-CAB8-4512-B7B7-0402146DD2B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68341EA6-4FF0-4F87-AC71-4EC5D648406C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A91596AC-3F28-4BBD-A697-81909A5407B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A57A5053-018B-468C-BC18-5140E6B5B048\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2962B1B-4B7F-4527-AE4C-C76787FEDB67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE921188-7A50-479F-853F-95127C9BE4E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F710939C-8598-40FE-9D5F-A3665723A5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75572113-BD36-49BB-B7A1-177EB7DD3AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F18265E-EE99-4D0F-B975-22A86077A611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5E3EA58-3FD3-4AD8-AA63-057F8D31301B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A51D3086-99CB-4C01-B286-3F7F6B6FB3AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACA7EB49-52A7-4AFC-9D7D-0225A430B636\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAD5F88F-038C-4973-8391-C40C08573F8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F474C4B3-B85D-4059-B5D9-84238A642EC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5BB4C26-42DC-48F7-B73B-4C88FD3D1E01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCC4537-605F-4A3B-AAD1-FC7D0F44F6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E62D1D1B-985D-440B-AD23-3F16AEC8DA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54B8C2DA-E663-437B-83DA-5521AF002C8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94C2A7CF-71DB-431C-8F13-E6F46961F68D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"000A1698-C9DE-49A1-9F5D-FDED34A134E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"601788BD-8B31-417F-AE7D-BE8E4107C1EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A99645-6A81-40C3-B46F-3D1ABF00EF00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EBCB20B-A367-485F-9115-04EABBE69C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E38E21D-23A9-4D0D-B45B-AF019CD448F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33955B7C-ABA0-49E3-BEF8-AD29FD31DA5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42C5B25D-E039-427D-8655-FD6BB9302793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E3FD4C-57C7-49CC-B970-18FE767A5ABD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE6B5A1-2E92-427A-810F-0139632F4410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"548E3AAC-3628-4CA4-98CF-7F3724F4355D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E39AD87-3C6C-4B2F-AC3C-84FDBE184440\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99EDA73B-F030-48C0-AAC1-7B8FF1D9E54E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3720323-D3BD-4ACD-93B7-B1687E2B241B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3AA512E-B2EA-4C73-91B9-14BD5776EE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7D2D713-5A78-4D78-BF0B-2BC1A621D4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD0792F-A78A-420B-8069-67920BC5DEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A05D7AA9-8EA2-4063-B853-FE1E3CA85B03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B591920E-38ED-4046-AD08-E31464C61A18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7456D704-3B98-42EC-929A-91BD1E95233F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F38E50-AF67-4F2B-9DA2-0BDC4BE7D5BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"473B6DB5-D433-4B1C-9F0D-8260A143D437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87CDFCB-B9FF-49F4-88BA-49D14E6FA8FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3D4DE8E-7184-4A6B-87EA-A0B116EA0155\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://seclists.org/fulldisclosure/2014/Dec/23\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/59866\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/60621\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/60794\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2994\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.mozilla.org/security/announce/2014/mfsa2014-45.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/534161/100/0/threaded\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.securityfocus.com/bid/66356\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2159-1\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2185-1\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=903885\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1079851\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://hg.mozilla.org/projects/nss/rev/709d4e597979\",\"source\":\"security@mozilla.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://security.gentoo.org/glsa/201504-01\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2014/Dec/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59866\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2014/mfsa2014-45.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/534161/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/66356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2159-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2185-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=903885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1079851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://hg.mozilla.org/projects/nss/rev/709d4e597979\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://security.gentoo.org/glsa/201504-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.