UBUNTU-CVE-2014-1492

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2014-1492

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-1492.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-1492

Related

Published

2014-03-25T00:00:00Z

Modified

2014-03-25T00:00:00Z

Summary

[none]

Details

The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

References

Affected packages

Ubuntu:14.04:LTS / firefox

Package

Name: firefox
Purl: pkg:deb/ubuntu/firefox@29.0+build1-0ubuntu0.14.04.2?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

29.0+build1-0ubuntu0.14.04.2

Affected versions

24.*

24.0+build1-0ubuntu1

25.*

25.0+build3-0ubuntu0.13.10.1

28.*

28.0~b2+build1-0ubuntu2

28.0+build1-0ubuntu1

28.0+build2-0ubuntu1

28.0+build2-0ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "firefox-locale-nl": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-kn": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-gl": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-sv": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-eo": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-fy": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-or": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-lt": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-kk": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-hy": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-km": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-uk": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-sr": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ca": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-is": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-dbg": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-testsuite": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ga": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-it": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ja": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-lg": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ms": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-dev": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-mozsymbols": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ko": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-hr": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-mai": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-nb": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-zh-hans": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-vi": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-he": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-sw": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-el": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-oc": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-xh": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-nn": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ar": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-csb": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-cs": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-zu": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ro": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-globalmenu": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-af": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-nso": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-sk": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-si": "29.0+build1-0ubuntu0.14.04.2",
            "firefox": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-cy": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-fa": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-mn": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-sq": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-en": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-tr": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-br": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-et": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ast": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-th": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-da": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-fi": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ku": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ru": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-mk": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-bg": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-hu": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-gu": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-bn": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ml": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-an": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-be": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-eu": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-fr": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-pa": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-as": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ta": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-mr": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-bs": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-te": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-id": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-ka": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-pl": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-gd": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-hi": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-zh-hant": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-lv": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-es": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-de": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-sl": "29.0+build1-0ubuntu0.14.04.2",
            "firefox-locale-pt": "29.0+build1-0ubuntu0.14.04.2"
        }
    ]
}

Ubuntu:14.04:LTS / nss

Package

Name: nss
Purl: pkg:deb/ubuntu/nss@2:3.15.4-1ubuntu7?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.15.4-1ubuntu7

Affected versions

2:3.*

2:3.15.1-1ubuntu1

2:3.15.2-1

2:3.15.3-1

2:3.15.3.1-1

2:3.15.3.1-1.1

2:3.15.3.1-1.1ubuntu1

2:3.15.4-1ubuntu3

2:3.15.4-1ubuntu4

2:3.15.4-1ubuntu5

2:3.15.4-1ubuntu6

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libnss3-dbg": "2:3.15.4-1ubuntu7",
            "libnss3-1d": "2:3.15.4-1ubuntu7",
            "libnss3-tools": "2:3.15.4-1ubuntu7",
            "libnss3": "2:3.15.4-1ubuntu7",
            "libnss3-dev": "2:3.15.4-1ubuntu7",
            "libnss3-nssdb": "2:3.15.4-1ubuntu7"
        }
    ]
}