Download
| Alert*
oval:org.secpod.oval:def:25598
The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful ex ... oval:org.secpod.oval:def:501644 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forge ... oval:org.secpod.oval:def:25599 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-64. The update is required to fix an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful e ... oval:org.secpod.oval:def:203724 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forge ... oval:org.secpod.oval:def:602195 Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-2721 Karthikeyan Bhargavan discovered that NSS incorrectly handles state transitions for the TLS state machi ... oval:org.secpod.oval:def:1501118 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. It was found that NSS permitted skipping of the ServerKeyExchange packet during a handshake involving ECDHE . A remote attacker could use this flaw to b ... oval:org.secpod.oval:def:1501161 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ... oval:org.secpod.oval:def:1501162 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery ... oval:org.secpod.oval:def:203711 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forge ... oval:org.secpod.oval:def:1200171 A flaw was found in the way NSS verified certain ECDSA signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. oval:org.secpod.oval:def:203697 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. It was found that NSS permitted skipping of the ServerKeyExchange packet during a handshake involving ECDHE . A remote attacker could use this flaw to b ... oval:org.secpod.oval:def:702634 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:501637 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. It was found that NSS permitted skipping of the ServerKeyExchange packet during a handshake involving ECDHE . A remote attacker could use this flaw to b ... oval:org.secpod.oval:def:52517 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:52521 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702642 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:89045411 MozillaFirefox, mozilla-nspr and mozilla-nss were updated to fix 17 security issues. For more details please check the changelogs. These security issues were fixed: - CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards . - CVE-2015-2728: Type confusion in Indexed Database ... oval:org.secpod.oval:def:89045470 MozillaFirefox, mozilla-nspr and mozilla-nss were updated to fix 17 security issues. For more details please check the changelogs. These security issues were fixed: - CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards . - CVE-2015-2728: Type confusion in Indexed Database ... oval:org.secpod.oval:def:25633 The host is installed with Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 or 38.x before 38.1 and is prone to an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful ex ... oval:org.secpod.oval:def:25634 The host is missing a critical security update according to Mozilla advisory, MFSA-2015-64. The update is required to fix an ECDSA signatures spoofing vulnerability. A flaw is present in the applications, which do not properly perform Elliptical Curve Cryptography (ECC) multiplications. Successful e ... |