Flaws in Mozilla's Handling of Security Certificates Discovered and Fixed

Posted by dave on Jul 28, 2004 7:53 AM EDT
mozillaZine
Mail this story
Print this story

CNET News.com is reporting that two new flaws in the way Mozilla handles security certificates have been discovered. The more serious vulnerability allows a site to appear to have a security certificate when it does not (bug 253121). The other hole makes it possible for an attacker to overwrite the root certificate authority certificates, causing an error message to appear whenever the user tries to access a (genuine) secure site (bug 249004). Both bugs have now been fixed, but updated end-user releases of Mozilla products are not yet available.

Full Story

  Nav
» Read more about: Story Type: News Story; Groups: Mozilla

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.