fkie_cve-2008-2809
Vulnerability from fkie_nvd
Published
2008-07-08 23:41
Modified
2025-04-09 00:30
Severity ?
Summary
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html
secalert@redhat.comhttp://nils.toedtmann.net/pub/subjectAltName.txt
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2008-0616.html
secalert@redhat.comhttp://secunia.com/advisories/30878
secalert@redhat.comhttp://secunia.com/advisories/30898
secalert@redhat.comhttp://secunia.com/advisories/30903
secalert@redhat.comhttp://secunia.com/advisories/30911Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30949
secalert@redhat.comhttp://secunia.com/advisories/31005
secalert@redhat.comhttp://secunia.com/advisories/31008
secalert@redhat.comhttp://secunia.com/advisories/31021
secalert@redhat.comhttp://secunia.com/advisories/31023
secalert@redhat.comhttp://secunia.com/advisories/31069
secalert@redhat.comhttp://secunia.com/advisories/31076
secalert@redhat.comhttp://secunia.com/advisories/31183
secalert@redhat.comhttp://secunia.com/advisories/31195
secalert@redhat.comhttp://secunia.com/advisories/31220
secalert@redhat.comhttp://secunia.com/advisories/31253
secalert@redhat.comhttp://secunia.com/advisories/31286
secalert@redhat.comhttp://secunia.com/advisories/31377
secalert@redhat.comhttp://secunia.com/advisories/31403
secalert@redhat.comhttp://secunia.com/advisories/33433
secalert@redhat.comhttp://secunia.com/advisories/34501
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200808-03.xml
secalert@redhat.comhttp://securityreason.com/securityalert/3498
secalert@redhat.comhttp://securitytracker.com/id?1018979
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2008-0216
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1607
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1615
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1621
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1697
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:136
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:155
secalert@redhat.comhttp://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15
secalert@redhat.comhttp://www.mozilla.org/security/announce/2008/mfsa2008-31.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0547.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0549.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0569.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/483929/100/100/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/483937/100/100/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/483960/100/100/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/494080/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/30038
secalert@redhat.comhttp://www.securitytracker.com/id?1020419
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-619-1
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-629-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1993/references
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/0977
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=240261
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=327181
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=402347
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/43524
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2646
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://nils.toedtmann.net/pub/subjectAltName.txt
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2008-0616.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30878
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30898
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30903
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30911Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30949
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31005
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31008
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31021
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31023
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31069
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31076
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31183
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31195
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31220
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31253
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31286
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31403
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33433
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34501
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200808-03.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3498
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1018979
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0216
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1607
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1615
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1621
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1697
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:136
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:155
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2008/mfsa2008-31.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0547.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0549.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0569.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/483929/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/483937/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/483960/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/494080/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30038
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020419
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-619-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-629-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1993/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0977
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=240261
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=327181
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=402347
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/43524
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2646
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html
Impacted products
Vendor Product Version
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.7
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.9
mozilla firefox 2.0.0.10
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.14
mozilla geckb *
mozilla seamonkey *
mozilla seamonkey 1.1.5
netscape navigator 9.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0544D626-E269-4677-9B05-7DAB23BD103B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C95F7B2C-80FC-4DF2-9680-F74634DCE3E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "863C140E-DC15-4A88-AB8A-8AEF9F4B8164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:geckb:*:m8:*:*:*:*:*:*",
              "matchCriteriaId": "1AE6FF40-5C89-47F1-928C-7BC7DB7A57F3",
              "versionEndIncluding": "1.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E9314D-0D23-4572-9956-D2E8B53540B1",
              "versionEndIncluding": "1.0.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "76AD0439-3BFB-4AD1-8E2C-99D0B099FA8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netscape:navigator:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE436EA-9F65-4B62-A11D-B102F5E5E9FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site."
    },
    {
      "lang": "es",
      "value": "Mozilla 1.9 M8 y anteriores, Mozilla Firefox 2 y anteriores a 2.0.0.15, SeaMonkey 1.1.5 y otras versiones anteriores a 1.1.10, Netscape 9.0, y otras navegadores basados en Mozilla, cuando un usuario aceptar un certificado SSL de servidor sobre las bases del nombre de dominio CN en el campo DN, considerando que el certificado es tambi\u00e9n aceptado por todos los nombres de dominio en el campo subjectAltName:dNSName, el cual hace m\u00e1s f\u00e1cil a los atacantes remotos enga\u00f1ar a un usuario aceptando un certificado no v\u00e1lido para una p\u00e1gina web falsa."
    }
  ],
  "id": "CVE-2008-2809",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-07-08T23:41:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://nils.toedtmann.net/pub/subjectAltName.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30878"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30898"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30903"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30949"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31021"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31023"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31069"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31183"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31195"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31253"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31286"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31403"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/33433"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34501"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/3498"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1018979"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.383152"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.384911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.410484"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1607"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1615"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1621"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1697"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-31.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/483929/100/100/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/483937/100/100/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/483960/100/100/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/30038"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020419"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-619-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-629-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1993/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/0977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=240261"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327181"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=402347"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43524"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2646"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://nils.toedtmann.net/pub/subjectAltName.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31286"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31403"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.383152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.384911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.410484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-31.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483929/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483937/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483960/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30038"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-619-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-629-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1993/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=240261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327181"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=402347"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43524"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.