Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mozilla Firefox < 1.7.2 Non-FQDN SSL Certificate Spoofing

Medium

Synopsis

The remote host has a web browser installed that is vulnerable to certificate spoofing attacks.

Description

Versions of Mozilla Firefox prior to 1.7.2 are vulnerable to a SSL spoofing issue that may allow a rogue web server to spoof a trusted certificate from a third party web site using non-fully qualified domain name.

Solution

Upgrade to version 1.7.2 or higher.