Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2014-1492

The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

  • Published: Mar 25, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-1492
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
mozilla / network_security_services 3.11.2 3.11.2.x
mozilla / network_security_services 3.6.1 3.6.1.x
mozilla / network_security_services 3.12.5 3.12.5.x
mozilla / network_security_services 3.2 3.2.x
mozilla / network_security_services 3.15 3.15.x
mozilla / network_security_services 3.11.4 3.11.4.x
mozilla / network_security_services 3.7.7 3.7.7.x
mozilla / network_security_services 3.14.1 3.14.1.x
mozilla / network_security_services 3.7.5 3.7.5.x
mozilla / network_security_services 3.7.1 3.7.1.x
mozilla / network_security_services 3.12.9 3.12.9.x
mozilla / network_security_services 3.15.3 3.15.3.x
mozilla / network_security_services 3.12.3.1 3.12.3.1.x
mozilla / network_security_services 3.6 3.6.x
mozilla / network_security_services 3.12.6 3.12.6.x
mozilla / network_security_services 3.2.1 3.2.1.x
mozilla / network_security_services 3.12.8 3.12.8.x
mozilla / network_security_services - 3.15.5.x
mozilla / network_security_services 3.15.1 3.15.1.x
mozilla / network_security_services 3.12.11 3.12.11.x
mozilla / network_security_services 3.14.3 3.14.3.x
mozilla / network_security_services 3.14.4 3.14.4.x
mozilla / network_security_services 3.9 3.9.x
mozilla / network_security_services 3.4 3.4.x
mozilla / network_security_services 3.14 3.14.x
mozilla / network_security_services 3.8 3.8.x
mozilla / network_security_services 3.4.1 3.4.1.x
mozilla / network_security_services 3.11.5 3.11.5.x
mozilla / network_security_services 3.7 3.7.x
mozilla / network_security_services 3.12.2 3.12.2.x
mozilla / network_security_services 3.7.2 3.7.2.x
mozilla / network_security_services 3.12.10 3.12.10.x
mozilla / network_security_services 3.3 3.3.x
mozilla / network_security_services 3.12.4 3.12.4.x
mozilla / network_security_services 3.12.1 3.12.1.x
mozilla / network_security_services 3.12.3.2 3.12.3.2.x
mozilla / network_security_services 3.7.3 3.7.3.x
mozilla / network_security_services 3.15.2 3.15.2.x
mozilla / network_security_services 3.4.2 3.4.2.x
mozilla / network_security_services 3.12.3 3.12.3.x
mozilla / network_security_services 3.3.2 3.3.2.x
mozilla / network_security_services 3.14.5 3.14.5.x
mozilla / network_security_services 3.5 3.5.x
mozilla / network_security_services 3.15.3.1 3.15.3.1.x
mozilla / network_security_services 3.14.2 3.14.2.x
mozilla / network_security_services 3.12.7 3.12.7.x
mozilla / network_security_services 3.15.4 3.15.4.x
mozilla / network_security_services 3.11.3 3.11.3.x
mozilla / network_security_services 3.12 3.12.x
mozilla / network_security_services 3.3.1 3.3.1.x