Improper input validation in Mozilla Firefox

CVE-2008-2809

Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domai…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.012 (65.3th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox — versions 2.0.0.1, 2.0.0.2, 2.0.0.3
Mozilla Geckb
Mozilla Seamonkey — versions 1.1.5
Netscape Navigator — versions 9.0
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secalert@redhat.com (vendor-advisory, x_refsource_SUSE)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (vendor-advisory, x_refsource_SLACKWARE)