Back to search

MFSA2010-22: Update NSS to support TLS renegotiation indication

Severity CVSS Published Added Modified
6 (AV:N/AC:M/Au:N/C:N/I:P/A:P) November 09, 2009 April 05, 2010 December 04, 2013

Description

Mozilla developers added support in the Network Security Services module for preventing a type of man-in-the-middle attack against TLS using forced renegotiation.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • Mozilla Firefox >= 3 and < 3.6.2

    Upgrade to Mozilla Firefox version 3.6.2

    Install version 3.6.2 of Mozilla Firefox from the Mozilla Products page.

  • Mozilla Firefox >= 3 and < 3.5.9

    Upgrade to Mozilla Firefox version 3.5.9

    Install version 3.5.9 of Mozilla Firefox from the Mozilla Products page.

Related Vulnerabilities