Download
| Alert*
oval:org.secpod.oval:def:1600172
A flaw was found in the way NSS parsed ASN.1 input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. oval:org.secpod.oval:def:1600178 A flaw was found in the way NSS parsed ASN.1 input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. oval:org.secpod.oval:def:21264 The host is missing a low severity security update according to Google advisory. The update is required to fix signature malleability vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation makes it easier for remote attackers to spoof RSA s ... oval:org.secpod.oval:def:203440 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 inp ... oval:org.secpod.oval:def:52304 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:52306 firefox: Mozilla Open Source web browser Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:203449 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 inp ... oval:org.secpod.oval:def:52309 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Fraudulent security certificates could allow sensitive information to be exposed when accessing the Inter ... oval:org.secpod.oval:def:1600070 A flaw was found in the way NSS parsed ASN.1 input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. oval:org.secpod.oval:def:203439 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 inp ... oval:org.secpod.oval:def:702230 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Fraudulent security certificates could allow sensitive information to be exposed when accessing the Inter ... oval:org.secpod.oval:def:702222 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702225 firefox: Mozilla Open Source web browser Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:1500735 Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:1500738 Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:601786 Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS , was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. An attacker could craft ASN.1 data to forge RSA certificates with a valid certification chain to a trusted CA. oval:org.secpod.oval:def:1500740 Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available fro ... oval:org.secpod.oval:def:501393 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 inp ... oval:org.secpod.oval:def:501397 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 inp ... oval:org.secpod.oval:def:601798 Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS , was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. An attacker could craft ASN.1 data to forge RSA certificates with a valid certification chain to a trusted CA. oval:org.secpod.oval:def:21358 Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1 ... oval:org.secpod.oval:def:21356 Antoine Delignat-Lavaud , security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is ... oval:org.secpod.oval:def:21357 The host is missing a low severity security update according to Google advisory. The update is required to fix signature malleability vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation makes it easier for remote attackers to spoof RSA s ... oval:org.secpod.oval:def:107720 Utilities for Network Security Services and the Softoken module oval:org.secpod.oval:def:107804 Network Security Services Softoken Cryptographic Module oval:org.secpod.oval:def:107809 Utilities for Network Security Services and the Softoken module oval:org.secpod.oval:def:107762 Network Security Services Softoken Cryptographic Module oval:org.secpod.oval:def:107568 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stand ... oval:org.secpod.oval:def:107659 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stand ... oval:org.secpod.oval:def:21266 Antoine Delignat-Lavaud , security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is ... oval:org.secpod.oval:def:21265 Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, ... |