CVE-2013-6673 (retired)

Priority
Description
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird
before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of
trust from an EV X.509 certificate, which makes it easier for
man-in-the-middle attackers to spoof SSL servers in opportunistic
circumstances via a valid certificate that is unacceptable to the user.
Assigned-to
chrisccoulson
Package
Upstream:released (26.0)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
Package
Upstream:released (24.2.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:24.2.0+build1-0ubuntu1)
More Information

Updated: 2019-03-26 12:11:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)