Can the security report 2014-73 Affect a Virtualized (App-V 4.6 SP3) Firefox ESR 24 version?
Hi, Could the RSA Signature Forgery in NSS as reported in Mozilla Foundation Security Advisory 2014-73 affect a virtualized version of Firefox ESR 24.3 (App-V 4.6 SP3) ?
BR / Gerry
الحل المُختار
hello, yes it will be affected as well. this vulnerability allows malicious sites to forge a connection to look like it is coming from a trusted source (the environment in which the application is running won't make a difference): https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
Read this answer in context 👍 0All Replies (1)
الحل المُختار
hello, yes it will be affected as well. this vulnerability allows malicious sites to forge a connection to look like it is coming from a trusted source (the environment in which the application is running won't make a difference): https://www.mozilla.org/security/announce/2014/mfsa2014-73.html