Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2014-02-06T02:00:00
Updated: 2018-10-09T18:57:01
Reserved: 2014-01-16T00:00:00
Link: CVE-2014-1490
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-02-06T05:44:25.097
Modified: 2024-02-14T01:17:43.863
Link: CVE-2014-1490
JSON object: View
Redhat Information
No data.
CWE