Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2013-1740

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

  • Published: Jan 18, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-1740
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
mozilla / network_security_services 3.11.2 3.11.2.x
mozilla / network_security_services 3.6.1 3.6.1.x
mozilla / network_security_services 3.12.5 3.12.5.x
mozilla / network_security_services 3.2 3.2.x
mozilla / network_security_services 3.15 3.15.x
mozilla / network_security_services 3.11.4 3.11.4.x
mozilla / network_security_services 3.7.7 3.7.7.x
mozilla / network_security_services 3.14.1 3.14.1.x
mozilla / network_security_services 3.7.5 3.7.5.x
mozilla / network_security_services 3.7.1 3.7.1.x
mozilla / network_security_services 3.12.9 3.12.9.x
mozilla / network_security_services 3.12.3.1 3.12.3.1.x
mozilla / network_security_services 3.6 3.6.x
mozilla / network_security_services 3.12.6 3.12.6.x
mozilla / network_security_services 3.2.1 3.2.1.x
mozilla / network_security_services 3.12.8 3.12.8.x
mozilla / network_security_services 3.15.1 3.15.1.x
mozilla / network_security_services 3.12.11 3.12.11.x
mozilla / network_security_services 3.14.3 3.14.3.x
mozilla / network_security_services 3.14.4 3.14.4.x
mozilla / network_security_services 3.9 3.9.x
mozilla / network_security_services 3.4 3.4.x
mozilla / network_security_services 3.14 3.14.x
mozilla / network_security_services 3.8 3.8.x
mozilla / network_security_services 3.4.1 3.4.1.x
mozilla / network_security_services 3.11.5 3.11.5.x
mozilla / network_security_services 3.7 3.7.x
mozilla / network_security_services 3.12.2 3.12.2.x
mozilla / network_security_services 3.7.2 3.7.2.x
mozilla / network_security_services 3.12.10 3.12.10.x
mozilla / network_security_services 3.3 3.3.x
mozilla / network_security_services 3.12.4 3.12.4.x
mozilla / network_security_services 3.12.1 3.12.1.x
mozilla / network_security_services 3.12.3.2 3.12.3.2.x
mozilla / network_security_services 3.7.3 3.7.3.x
mozilla / network_security_services 3.15.2 3.15.2.x
mozilla / network_security_services 3.4.2 3.4.2.x
mozilla / network_security_services 3.12.3 3.12.3.x
mozilla / network_security_services 3.3.2 3.3.2.x
mozilla / network_security_services 3.14.5 3.14.5.x
mozilla / network_security_services 3.5 3.5.x
mozilla / network_security_services 3.14.2 3.14.2.x
mozilla / network_security_services 3.12.7 3.12.7.x
mozilla / network_security_services 3.11.3 3.11.3.x
mozilla / network_security_services - 3.15.3.x
mozilla / network_security_services 3.12 3.12.x
mozilla / network_security_services 3.3.1 3.3.1.x