Plaintext recovery vulnerability in RC4 algorithm in Web Browsers via statistical analysis of ciphertextID: oval:org.secpod.oval:def:21005 | Date: (C)2014-09-04 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Internet Explorer, Edge, Mozilla Firefox before 25.0.1, Google Chrome before 48.0.2564.82, SeaMonkey before 2.22.1, Thunderbird 24.x before 24.1.1 or Thunderbird ESR, Firefox ESR 17.0.x before 17.0.11 and is prone to plaintext recovery vulnerability. A flaw is present in the applications, which fail to handle statistical analysis of ciphertext. Successful exploitation allows remote attacker to conduct plaintext-recovery attacks.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows 10 |
Product: |
Mozilla Firefox |
Google Chrome |
Microsoft Edge |
Microsoft Internet Explorer 11 |
Mozilla Thunderbird ESR |
Mozilla SeaMonkey |
Mozilla Thunderbird |
Mozilla Firefox ESR |