X
Tap here to go to the mobile version of the site.

منتدى الدعم

Are any versions of Firefox susceptable to Heartbleed bug CVE-2014-0160 ?

Posted

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

Do any versions of Firefox use OpenSSL? if so, which versions of Firefox would be vulnerable to the Heartbleed bug CVE-2014-0160 that has recently been identified. As covered in: http://heartbleed.com/ http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

Chosen solution

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

Read this answer in context 17

Additional System Details

Application

  • User Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E)

More Information

philipp
  • Top 25 Contributor
  • Moderator
5306 solutions 23424 answers

Chosen Solution

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/

hello pjhill, no firefox (the browser) isn't affected by this vulnerability, but two mozilla web services (firefox accounts, persona) were: https://blog.mozilla.org/security/2014/04/08/heartbleed-security-advisory/
John99 971 solutions 13138 answers

Helpful Reply

An interesting article on the Heartbleed vulnerability and its probable extent

An interesting article on the Heartbleed vulnerability and its probable extent * http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/
jscher2000
  • Top 10 Contributor
8693 solutions 71056 answers
Possibly also of interest: [https://support.mozilla.org/questions/994421 Does Mozilla have a plugin that will alert users when they visit a website that is still vulnerable to Heartbleed?]