Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-8642

EPSS 0.66% · P71
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2014-8642

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which there was an incorrect decision to accept a compromised and revoked certificate.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mozilla Firefox和SeaMonkey 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mozilla Firefox和SeaMonkey都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器。SeaMonkey是一套免费、开源以及跨平台的网络套装软件。 Mozilla Firefox 34.0.5及之前版本和SeaMonkey 2.31及之前版本中存在安全漏洞,该漏洞源于程序在处理OCSP响应时没有处理id-pkix-ocsp-nocheck扩展。远程攻击者可通过嗅探网络利用该漏洞获取敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2014-8642

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2014-8642

Please Login to view more intelligence information

Same Patch Batch · n/a · 2015-01-14 · 18 CVEs total

CVE-2014-8634多款Mozilla产品浏览器引擎内存损坏漏洞
CVE-2014-8643Mozilla Firefox 权限许可和访问控制漏洞
CVE-2014-8641多款Mozilla产品WebRTC实现释放后重用漏洞
CVE-2014-8640Mozilla Firefox和SeaMonkey Web Audio API实现竞争条件漏洞
CVE-2014-8639多款Mozilla产品会话固定漏洞
CVE-2014-8638多款Mozilla产品navigator.sendBeacon实现跨站请求伪造漏洞
CVE-2014-8637Mozilla Firefox和SeaMonkey 信息泄露漏洞
CVE-2014-8636Mozilla Firefox和SeaMonkey 代码注入漏洞
CVE-2014-8635Mozilla Firefox和SeaMonkey 浏览器引擎内存损坏漏洞
CVE-2014-3314Cisco AnyConnect 安全漏洞
CVE-2014-5233Siemens SIMATIC WinCC Sm@rtClient app for iOS 信息泄露漏洞
CVE-2014-5232Siemens SIMATIC WinCC Sm@rtClient应用程序权限许可和访问控制漏洞
CVE-2014-5231Siemens SIMATIC WinCC Sm@rtClient app for iOS 信息泄露漏洞
CVE-2015-0583Cisco WebEx Meeting Center 信息泄露漏洞
CVE-2015-0579Cisco TelePresence Video Communication Server和Cisco Expressway 拒绝服务漏洞
CVE-2015-0578Cisco Adaptive Security Appliances 拒绝服务漏洞
CVE-2015-0577Cisco AsyncOS 跨站脚本漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2014-8642

No comments yet

Leave a comment