CVE-2014-1498 vulnerability in Mozilla and Other Products
Published on March 19, 2014

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2014-1498

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-1498 are published in these products:

Mozilla Firefox

Mozilla SeaMonkey

OpenSuse

Opensuseproject Opensuse

Oracle Solaris

Suse Linux Enterprise Desktop

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Exploit Probability

EPSS

0.55%

Percentile

67.52%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-1498 vulnerability in Mozilla and Other ProductsPublished on March 19, 2014

Products Associated with CVE-2014-1498

Exploit Probability

CVE-2014-1498 vulnerability in Mozilla and Other Products
Published on March 19, 2014