Vulnerabilities

CVE-2013-6673

by Fred · 11/12/2013

Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user’s removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user.

Date published : 2013-12-11

http://www.securityfocus.com/bid/64213

http://www.mozilla.org/security/announce/2013/mfsa2013-113.html

Similar

Tags: Cybersecurity Alert