Lucene search
MozillaCVELIST:CVE-2015-0832HistoryFeb 25, 2015 - 11:00 a.m.
CVE-2015-0832
2015-02-2511:00:00
mozilla
www.cve.org
4
Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.509 certificate for a domain with this character.
References
lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
lists.opensuse.org/opensuse-updates/2015-03/msg00067.html
www.mozilla.org/security/announce/2015/mfsa2015-13.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securityfocus.com/bid/72752
www.ubuntu.com/usn/USN-2505-1
bugzilla.mozilla.org/show_bug.cgi?id=1065909
security.gentoo.org/glsa/201504-01
Related
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-13) - Linux
2021-11-11 00:00:00
Ubuntu: Security Advisory (USN-2505-1)
2015-02-26 00:00:00
Mageia: Security Advisory (MGASA-2015-0126)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2015-0832
2015-02-25 00:00:00
mozilla
mozilla
Appended period to hostnames can bypass HPKP and HSTS protections — Mozilla
2015-02-24 00:00:00
nvd
nvd
CVE-2015-0832
2015-02-25 11:59:12
prion
prion
Design/Logic Flaw
2015-02-25 11:59:00
cve
cve
CVE-2015-0832
2015-02-25 11:59:12
archlinux
archlinux
firefox: multiple issues
2015-02-25 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2015-02-25 00:00:00
Firefox regression
2015-03-09 00:00:00
mageia
mageia
Updated iceape packages fix security vulnerabilities
2015-04-03 16:11:23
nessus
nessus
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2505-1)
2015-02-26 00:00:00
Ubuntu 14.04 LTS : Firefox regression (USN-2505-2)
2015-03-10 00:00:00
Mozilla Firefox ESR < 31.5 Multiple Vulnerabilities
2019-11-06 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nss (important)
2015-03-01 11:04:54
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-02-24 00:00:00
kaspersky
kaspersky
KLA10464 Multiple vulnerabilities in Mozilla products
2015-02-24 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-03-22 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00