[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: Certificate parsing broken by non-standard character encoding - MFSA 2014-65 (Mac OS X)

ID: oval:org.secpod.oval:def:20622Date: (C)2014-07-28   (M)2023-12-07
Class: PATCHFamily: macos




Mozilla security researcher Christian Holler discovered several issues while fuzzing the parsing of SSL certificates. Two of these issues were a result of using characters that are not UTF-8 in certificates when various functions expected all strings to be UTF-8 format. The third issue was a result of using characters that were not ASCII in certificates while a function expected only ASCII formatted text. All of these issues causes the certificates to be incorrectly parsed, leading to a potential inability to use valid SSL certificates.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla Firefox
Mozilla Thunderbird
Reference:
MFSA 2014-65
CVE-2014-1559
CVE-2014-1560
CVE-2014-1558
CVE    3
CVE-2014-1559
CVE-2014-1558
CVE-2014-1560
CPE    13
cpe:/a:mozilla:firefox:30.0
cpe:/a:mozilla:thunderbird
cpe:/a:mozilla:thunderbird:24.0.1
cpe:/a:mozilla:thunderbird:24.1.1
...

© SecPod Technologies