Download
| Alert*
oval:org.secpod.oval:def:600447
Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2404 Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution o ... oval:org.secpod.oval:def:300847 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.secpod.oval:def:300704 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.secpod.oval:def:500590 Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management , and shared library linking. Network Security Services i ... oval:org.secpod.oval:def:1300222 A vulnerability has been discovered and corrected in php: The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, ... oval:org.secpod.oval:def:200490 SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ... oval:org.secpod.oval:def:300611 Security issues were identified and fixed in firefox 3.0.x: Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within the new document, appearing to have ... oval:org.secpod.oval:def:1100036 The host is missing a patch containing a security fixes, which affects the following package(s): bos.net.tcp.client. oval:org.secpod.oval:def:500498 Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management , and shared library linking. Network Security Services i ... oval:org.secpod.oval:def:300938 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.mitre.oval:def:8111 Several vulnerabilities have been discovered in the Network Security Service libraries. The Common Vulnerabilities and Exposures project identifies the following problems: Moxie Marlinspike discovered that a buffer overflow in the regular expression parser could lead to the execution of arbitrary co ... oval:org.secpod.oval:def:600141 Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does not p ... oval:org.secpod.oval:def:400068 The Mozilla Firefox was updated to current stable versions on all affected Linux products. openSUSE 10.3,11.0 and 11.1: Firefox was updated to the current stable branch version 3.0.14. These updates were already released on September 21st. The SUSE Linux Enterprise 11 products were upgraded to Mozil ... oval:org.secpod.oval:def:200500 SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ... oval:org.secpod.oval:def:700388 Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service or execute arbitrary code as the user invoking the program. Moxie Marlinspike and Dan Kaminsky indepen ... oval:org.secpod.oval:def:700454 USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause ... oval:org.mitre.oval:def:6699 Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle ... oval:org.secpod.oval:def:500609 SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ... oval:org.secpod.oval:def:300598 A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate . A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a den ... oval:org.secpod.oval:def:300840 A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate . A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a den ... oval:org.secpod.oval:def:300972 A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate . A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a den ... oval:org.secpod.oval:def:300558 A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate . A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a den ... |