Vulnerability in Apple Mac_os_x
CVE-2014-1568
Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24…
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.336 (97.0th percentile) — read the EPSS interpretation.
Affected products
- Apple Mac_os_x
- Google Chrome — versions 37.0.2062.0, 37.0.2062.3, 37.0.2062.20
- Google Chrome_os
- Microsoft Windows
- Mozilla Firefox — versions 31.0, 31.1.0, 32.0.1
- Mozilla Firefox_esr — versions 24.8.0
- Mozilla Network_security_services — versions 3.2, 3.2.1, 3.3
- Mozilla Seamonkey — versions 1.0, 1.0.1, 1.0.2
- Mozilla Thunderbird — versions 31.0, 31.1.0, 31.1.1
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- security@mozilla.org (x_refsource_CONFIRM)
- security@mozilla.org (x_refsource_CONFIRM)
- VU#772676 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
- security@mozilla.org (x_refsource_CONFIRM)
- RHSA-2014:1307 (x_refsource_REDHAT, vendor-advisory)
- 70116 (vdb-entry, x_refsource_BID)
- USN-2360-1 (x_refsource_UBUNTU, vendor-advisory)
- mozilla-nss-cve20141568-sec-bypass(96194) (vdb-entry, x_refsource_XF)
- security@mozilla.org (x_refsource_CONFIRM)
- 61575 (x_refsource_SECUNIA, third-party-advisory)
Frequently asked questions
- What is CVE-2014-1568?
- CVE-2014-1568 is a vulnerability in Apple Mac_os_x, classified under Cryptographic Issues. Published 2014-09-25.
- Is CVE-2014-1568 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.