CVE-2014-1560

Publication date 22 July 2014

Last updated 24 July 2024


Ubuntu priority

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.

Status

Package Ubuntu Release Status
firefox 14.04 LTS trusty
Fixed 31.0+build1-0ubuntu0.14.04.1
12.04 LTS precise
Fixed 31.0+build1-0ubuntu0.12.04.1
10.04 LTS lucid Ignored end of life
thunderbird 14.04 LTS trusty
Fixed 1:31.0+build1-0ubuntu0.14.04.1
12.04 LTS precise
Fixed 1:31.0+build1-0ubuntu0.12.04.1
10.04 LTS lucid Ignored end of life

References

Related Ubuntu Security Notices (USN)

    • USN-2296-1
    • Thunderbird vulnerabilities
    • 22 July 2014

Other references