Vulnerabilities

CVE-2013-1740

by Fred · 18/01/2014

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

Date published : 2014-01-18

http://www.securityfocus.com/bid/64944

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Similar

Tags: Cybersecurity Alert