Mozilla’s Firefox web browser, its Thunderbird email client and its SeaMonkey all-in-one Internet application suite contain a vulnerability in the Network Security Services (NSS) cryptographic library that an attacker can use to forge RSA certificates, which SSL/TLS enabled web sites use to authenticate their identity. This means fraudulent web sites could masquerade as secure sites and steal users’ personal information. Mozilla has issued updates to address the issue.
Read more here: