Download
| Alert*
oval:org.secpod.oval:def:600447
Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2404 Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution o ... oval:org.secpod.oval:def:300847 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.secpod.oval:def:300704 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.secpod.oval:def:500590 Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management , and shared library linking. Network Security Services i ... oval:org.secpod.oval:def:300611 Security issues were identified and fixed in firefox 3.0.x: Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within the new document, appearing to have ... oval:org.secpod.oval:def:500498 Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management , and shared library linking. Network Security Services i ... oval:org.secpod.oval:def:500696 SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Moxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used to match common names in certificates. A malicious website could present a carefully-crafted ... oval:org.secpod.oval:def:200399 SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Moxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used to match common names in certificates. A malicious website could present a carefully-crafted ... oval:org.secpod.oval:def:200298 SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Moxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used to match common names in certificates. A malicious website could present a carefully-crafted ... oval:org.mitre.oval:def:8111 Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution of arbitrary co ... oval:org.secpod.oval:def:300938 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.secpod.oval:def:600141 Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does not p ... oval:org.secpod.oval:def:400068 The Mozilla Firefox was updated to current stable versions on all affected Linux products. openSUSE 10.3,11.0 and 11.1: Firefox was updated to the current stable branch version 3.0.14. These updates were already released on September 21st. The SUSE Linux Enterprise 11 products were upgraded to Mozil ... oval:org.secpod.oval:def:700388 Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky indepen ... oval:org.secpod.oval:def:700454 USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause ... oval:org.mitre.oval:def:6699 Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle ... |