CVE-2015-0834 in Firefoxinfo

Summary

The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to discover credentials by spoofing a server and completing a brute-force attack within a short time window.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

01/07/2015

Disclosure

02/25/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200

CVSS

5.3

EPSS

0.00514

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-0834
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0834
CVE Details	https://www.cvedetails.com/cve/CVE-2015-0834/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!