Total vulnerabilities in the database
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
| Software | From | Fixed in |
|---|---|---|
| mozilla / firefox | 2.0.0.12 | 2.0.0.12.x |
| mozilla / firefox | 2.0.0.2 | 2.0.0.2.x |
| mozilla / seamonkey | 1.1.5 | 1.1.5.x |
| netscape / navigator | 9.0 | 9.0.x |
| mozilla / firefox | 2.0.0.7 | 2.0.0.7.x |
| mozilla / firefox | 2.0.0.9 | 2.0.0.9.x |
| mozilla / seamonkey | - | 1.0.9.x |
| mozilla / firefox | 2.0.0.14 | 2.0.0.14.x |
| mozilla / firefox | 2.0.0.3 | 2.0.0.3.x |
| mozilla / firefox | 2.0.0.6 | 2.0.0.6.x |
| mozilla / firefox | 2.0.0.11 | 2.0.0.11.x |
| mozilla / firefox | 2.0.0.4 | 2.0.0.4.x |
| mozilla / firefox | 2.0.0.13 | 2.0.0.13.x |
| mozilla / firefox | 2.0.0.1 | 2.0.0.1.x |
| mozilla / firefox | 2.0.0.8 | 2.0.0.8.x |
| mozilla / firefox | 2.0.0.5 | 2.0.0.5.x |
| mozilla / firefox | 2.0.0.10 | 2.0.0.10.x |
| mozilla / geckb | - | 1.9.x |