VDB
CVE-2004-0758
CVE-2004-0758
PUBLISHED
CVSS 5 MEDIUM
Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
EPSS 16.54% · 95.0th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
16.54%
95.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | mozilla | |
| n/a | n/a | n/a |
Exploit Intelligence
- http://www.mozilla.org/projects/security/known-vulnerabilities.html (circl)
- SCOSA-2005.49 (circl)
- SUSE-SA:2004:036 (circl)
- RHSA-2004:421 (circl)
- GLSA-200408-22 (circl)
- FLSA:2089 (circl)
- oval:org.mitre.oval:def:3134 (circl)
- 15495 (circl)
- mozilla-certificate-dos(16706) (circl)
- oval:org.mitre.oval:def:10304 (circl)
…and 3 more exploits
Timeline
- Aug 3, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://www.mozilla.org/projects/security/known-vulnerabilities.html url
- SCOSA-2005.49 vendor-advisory
- SUSE-SA:2004:036 vendor-advisory
- RHSA-2004:421 vendor-advisory
- GLSA-200408-22 vendor-advisory
- FLSA:2089 vendor-advisory
- oval:org.mitre.oval:def:3134 vdb
- 15495 vdb
- mozilla-certificate-dos(16706) vdb
- oval:org.mitre.oval:def:10304 vdb
- VU#784278 third-party-advisory
- http://bugzilla.mozilla.org/show_bug.cgi?id=249004 url
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127186 url
- https://nvd.nist.gov/vuln/detail/CVE-2004-0758 advisory