CVE-2009-2408

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.

References

http://isc.sans.org/diary.html?storyid=7003

http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html

http://marc.info/?l=oss-security&m=125198917018936&w=2

http://osvdb.org/56723

http://secunia.com/advisories/36088

http://secunia.com/advisories/36125

http://secunia.com/advisories/36139

http://secunia.com/advisories/36157

http://secunia.com/advisories/36434

http://secunia.com/advisories/36669

http://secunia.com/advisories/37098

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1

http://www.debian.org/security/2009/dsa-1874

http://www.mandriva.com/security/advisories?name=MDVSA-2009:197

http://www.mandriva.com/security/advisories?name=MDVSA-2009:216

http://www.mandriva.com/security/advisories?name=MDVSA-2009:217

http://www.mozilla.org/security/announce/2009/mfsa2009-42.html

http://www.novell.com/linux/security/advisories/2009_48_firefox.html

http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?r1=1.8&r2=1.11&f=h

http://www.redhat.com/support/errata/RHSA-2009-1207.html

http://www.redhat.com/support/errata/RHSA-2009-1432.html

http://www.securitytracker.com/id?1022632

http://www.ubuntu.com/usn/usn-810-1

http://www.vupen.com/english/advisories/2009/2085

http://www.vupen.com/english/advisories/2009/3184

http://www.wired.com/threatlevel/2009/07/kaminsky/

https://bugzilla.redhat.com/show_bug.cgi?id=510251

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10751

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8458

https://usn.ubuntu.com/810-2/

Details

Source: MITRE

Published: 2009-07-30

Updated: 2018-10-03

Type: CWE-20

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0beta5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.2:beta1:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:*:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.2:beta3:*:*:*:*:*:*

OR

cpe:2.3:a:mozilla:nss:3.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:3.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:3.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:3.11.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:3.11.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:3.11.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:3.11.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.20:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* versions up to 2.0.0.22 (inclusive)

Configuration 3

OR

cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* versions up to 1.1.17 (inclusive)

cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*

Tenable Plugins

View all (71 total)

IDNameProductFamilySeverity
89735VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0001) (remote check)NessusVMware ESX Local Security Checks
critical
67924Oracle Linux 3 : seamonkey (ELSA-2009-1432)NessusOracle Linux Local Security Checks
critical
67923Oracle Linux 4 : seamonkey (ELSA-2009-1431)NessusOracle Linux Local Security Checks
critical
67902Oracle Linux 4 / 5 : nspr / nss (ELSA-2009-1184)NessusOracle Linux Local Security Checks
high
65117Ubuntu 8.04 LTS / 8.10 / 9.04 : nss regression (USN-810-3)NessusUbuntu Local Security Checks
high
64209SuSE 11 Security Update : Mozilla (SAT Patch Number 1304)NessusSuSE Local Security Checks
medium
63889RHEL 5 : nspr and nss (RHSA-2009:1207)NessusRed Hat Local Security Checks
high
63888RHEL 4 : nspr and nss (RHSA-2009:1190)NessusRed Hat Local Security Checks
high
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
60665Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60632Scientific Linux Security Update : nspr and nss for SL 5.x on i386/x86_64NessusScientific Linux Local Security Checks
high
60631Scientific Linux Security Update : nspr and nss for SL 4.x on i386/x86_64NessusScientific Linux Local Security Checks
high
49906SuSE 10 Security Update : OpenLDAP 2 (ZYPP Patch Number 6598)NessusSuSE Local Security Checks
medium
49905SuSE 10 Security Update : neon (ZYPP Patch Number 6549)NessusSuSE Local Security Checks
medium
45397Debian DSA-2025-1 : icedove - several vulnerabilitiesNessusDebian Local Security Checks
critical
801349Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Null Byte Handling SSL MiTM WeaknessLog Correlation EngineSMTP Clients
medium
5353Mozilla Thunderbird < 2.0.0.23 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
medium
44739Debian DSA-1874-1 : nss - several vulnerabilitiesNessusDebian Local Security Checks
high
43826VMSA-2010-0001 : ESX Service Console and vMA updates for nss and nsprNessusVMware ESX Local Security Checks
critical
800795Mac OS X 10.6 < 10.6.2 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5227Mac OS X 10.6 < 10.6.2 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
42434Mac OS X 10.6.x < 10.6.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
42433Mac OS X Multiple Vulnerabilities (Security Update 2009-006)NessusMacOS X Local Security Checks
critical
42327openSUSE 10 Security Update : seamonkey (seamonkey-6538)NessusSuSE Local Security Checks
high
42324openSUSE 10 Security Update : libneon-devel (libneon-devel-6550)NessusSuSE Local Security Checks
medium
42317openSUSE Security Update : libneon-devel (libneon-devel-1377)NessusSuSE Local Security Checks
medium
42315openSUSE Security Update : libneon-devel (libneon-devel-1377)NessusSuSE Local Security Checks
medium
42303SuSE 10 Security Update : neon (ZYPP Patch Number 6548)NessusSuSE Local Security Checks
medium
42301SuSE 11 Security Update : libneon (SAT Patch Number 1376)NessusSuSE Local Security Checks
medium
42206openSUSE Security Update : seamonkey (seamonkey-1364)NessusSuSE Local Security Checks
high
42202openSUSE Security Update : seamonkey (seamonkey-1364)NessusSuSE Local Security Checks
high
42200SuSE9 Security Update : epiphany (YOU Patch Number 12521)NessusSuSE Local Security Checks
high
42190SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6541)NessusSuSE Local Security Checks
high
42023openSUSE 10 Security Update : mutt (mutt-6487)NessusSuSE Local Security Checks
medium
42014openSUSE 10 Security Update : libldap-2_4-2 (libldap-2_4-2-6488)NessusSuSE Local Security Checks
medium
42013openSUSE 10 Security Update : libfreebl3 (libfreebl3-6494)NessusSuSE Local Security Checks
high
41986openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-6493)NessusSuSE Local Security Checks
medium
41566SuSE 10 Security Update : OpenLDAP2 (ZYPP Patch Number 6485)NessusSuSE Local Security Checks
medium
41559SuSE 10 Security Update : mutt (ZYPP Patch Number 6484)NessusSuSE Local Security Checks
medium
41438SuSE 11 Security Update : mutt (SAT Patch Number 1291)NessusSuSE Local Security Checks
medium
41420SuSE 11 Security Update : OpenLDAP2 (SAT Patch Number 1290)NessusSuSE Local Security Checks
medium
41419SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1199)NessusSuSE Local Security Checks
high
41327SuSE9 Security Update : OpenLDAP2 (YOU Patch Number 12506)NessusSuSE Local Security Checks
medium
41326SuSE9 Security Update : mutt (YOU Patch Number 12505)NessusSuSE Local Security Checks
medium
41042openSUSE Security Update : mutt (mutt-1298)NessusSuSE Local Security Checks
medium
41041openSUSE Security Update : libldap-2_4-2 (libldap-2_4-2-1301)NessusSuSE Local Security Checks
medium
41036openSUSE Security Update : mutt (mutt-1298)NessusSuSE Local Security Checks
medium
41035openSUSE Security Update : libldap-2_4-2 (libldap-2_4-2-1301)NessusSuSE Local Security Checks
medium
41011openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1303)NessusSuSE Local Security Checks
medium
41009openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1303)NessusSuSE Local Security Checks
medium
40934CentOS 3 : seamonkey (CESA-2009:1432)NessusCentOS Local Security Checks
critical
40933CentOS 4 : seamonkey (CESA-2009:1431)NessusCentOS Local Security Checks
critical
40923RHEL 3 : seamonkey (RHSA-2009:1432)NessusRed Hat Local Security Checks
critical
40922RHEL 4 : seamonkey (RHSA-2009:1431)NessusRed Hat Local Security Checks
critical
40874SeaMonkey < 1.1.18 Multiple VulnerabilitiesNessusWindows
high
801235Mozilla SeaMonkey < 1.1.18 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5152SeaMonkey < 1.1.18 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
40701Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2009:217-3)NessusMandriva Local Security Checks
medium
40664Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Name Null Byte Handling SSL MiTM WeaknessNessusWindows
medium
40652openSUSE Security Update : libfreebl3 (libfreebl3-1201)NessusSuSE Local Security Checks
high
40645openSUSE Security Update : libfreebl3 (libfreebl3-1201)NessusSuSE Local Security Checks
high
40523Mandriva Linux Security Advisory : firefox (MDVSA-2009:198)NessusMandriva Local Security Checks
high
40522Mandriva Linux Security Advisory : nss (MDVSA-2009:197-3)NessusMandriva Local Security Checks
high
40491Ubuntu 8.04 LTS / 8.10 / 9.04 : nspr update (USN-810-2)NessusUbuntu Local Security Checks
high
40490Ubuntu 8.04 LTS / 8.10 / 9.04 : nss vulnerabilities (USN-810-1)NessusUbuntu Local Security Checks
high
40485FreeBSD : mozilla -- multiple vulnerabilities (49e8f2ee-8147-11de-a994-0030843d3802)NessusFreeBSD Local Security Checks
high
40478Firefox < 3.0.13 Multiple VulnerabilitiesNessusWindows
high
800771Firefox < 3.0.13/3.5.0 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5113Mozilla Firefox < 3.0.13/3.5.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
40441RHEL 5 : nspr and nss (RHSA-2009:1186)NessusRed Hat Local Security Checks
high
40439RHEL 4 : nspr and nss (RHSA-2009:1184)NessusRed Hat Local Security Checks
high