Lucene search

K
nvd[email protected]NVD:CVE-2010-3170
HistoryOct 21, 2010 - 7:00 p.m.

CVE-2010-3170

2010-10-2119:00:02
CWE-310
web.nvd.nist.gov
15
ssl
man-in-the-middle
x.509 certificate

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

46.7%

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject’s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

Affected configurations

Nvd
Node
mozillafirefoxMatch3.6
OR
mozillafirefoxMatch3.6.2
OR
mozillafirefoxMatch3.6.3
OR
mozillafirefoxMatch3.6.4
OR
mozillafirefoxMatch3.6.6
OR
mozillafirefoxMatch3.6.7
OR
mozillafirefoxMatch3.6.8
OR
mozillafirefoxMatch3.6.9
OR
mozillafirefoxMatch3.6.10
Node
mozillaseamonkeyRange2.0.8
OR
mozillaseamonkeyMatch1.0
OR
mozillaseamonkeyMatch1.0alpha
OR
mozillaseamonkeyMatch1.0beta
OR
mozillaseamonkeyMatch1.0.1
OR
mozillaseamonkeyMatch1.0.2
OR
mozillaseamonkeyMatch1.0.3
OR
mozillaseamonkeyMatch1.0.4
OR
mozillaseamonkeyMatch1.0.5
OR
mozillaseamonkeyMatch1.0.6
OR
mozillaseamonkeyMatch1.0.7
OR
mozillaseamonkeyMatch1.0.8
OR
mozillaseamonkeyMatch1.0.9
OR
mozillaseamonkeyMatch1.1
OR
mozillaseamonkeyMatch1.1alpha
OR
mozillaseamonkeyMatch1.1beta
OR
mozillaseamonkeyMatch1.1.1
OR
mozillaseamonkeyMatch1.1.2
OR
mozillaseamonkeyMatch1.1.3
OR
mozillaseamonkeyMatch1.1.4
OR
mozillaseamonkeyMatch1.1.5
OR
mozillaseamonkeyMatch1.1.6
OR
mozillaseamonkeyMatch1.1.7
OR
mozillaseamonkeyMatch1.1.8
OR
mozillaseamonkeyMatch1.1.9
OR
mozillaseamonkeyMatch1.1.10
OR
mozillaseamonkeyMatch1.1.11
OR
mozillaseamonkeyMatch1.1.12
OR
mozillaseamonkeyMatch1.1.13
OR
mozillaseamonkeyMatch1.1.14
OR
mozillaseamonkeyMatch1.1.15
OR
mozillaseamonkeyMatch1.1.16
OR
mozillaseamonkeyMatch1.1.17
OR
mozillaseamonkeyMatch1.1.18
OR
mozillaseamonkeyMatch1.1.19
OR
mozillaseamonkeyMatch1.5.0.8
OR
mozillaseamonkeyMatch1.5.0.9
OR
mozillaseamonkeyMatch1.5.0.10
OR
mozillaseamonkeyMatch2.0
OR
mozillaseamonkeyMatch2.0alpha_1
OR
mozillaseamonkeyMatch2.0alpha_2
OR
mozillaseamonkeyMatch2.0alpha_3
OR
mozillaseamonkeyMatch2.0beta_1
OR
mozillaseamonkeyMatch2.0beta_2
OR
mozillaseamonkeyMatch2.0rc1
OR
mozillaseamonkeyMatch2.0rc2
OR
mozillaseamonkeyMatch2.0.1
OR
mozillaseamonkeyMatch2.0.2
OR
mozillaseamonkeyMatch2.0.3
OR
mozillaseamonkeyMatch2.0.4
OR
mozillaseamonkeyMatch2.0.5
OR
mozillaseamonkeyMatch2.0.6
OR
mozillaseamonkeyMatch2.0.7
Node
mozillathunderbirdRange3.0.8
OR
mozillathunderbirdMatch0.1
OR
mozillathunderbirdMatch0.2
OR
mozillathunderbirdMatch0.3
OR
mozillathunderbirdMatch0.4
OR
mozillathunderbirdMatch0.5
OR
mozillathunderbirdMatch0.6
OR
mozillathunderbirdMatch0.7
OR
mozillathunderbirdMatch0.7.1
OR
mozillathunderbirdMatch0.7.2
OR
mozillathunderbirdMatch0.7.3
OR
mozillathunderbirdMatch0.8
OR
mozillathunderbirdMatch0.9
OR
mozillathunderbirdMatch1.0
OR
mozillathunderbirdMatch1.0.1
OR
mozillathunderbirdMatch1.0.2
OR
mozillathunderbirdMatch1.0.3
OR
mozillathunderbirdMatch1.0.4
OR
mozillathunderbirdMatch1.0.5
OR
mozillathunderbirdMatch1.0.6
OR
mozillathunderbirdMatch1.0.7
OR
mozillathunderbirdMatch1.0.8
OR
mozillathunderbirdMatch1.5
OR
mozillathunderbirdMatch1.5beta2
OR
mozillathunderbirdMatch1.5.0.1
OR
mozillathunderbirdMatch1.5.0.2
OR
mozillathunderbirdMatch1.5.0.3
OR
mozillathunderbirdMatch1.5.0.4
OR
mozillathunderbirdMatch1.5.0.5
OR
mozillathunderbirdMatch1.5.0.6
OR
mozillathunderbirdMatch1.5.0.7
OR
mozillathunderbirdMatch1.5.0.8
OR
mozillathunderbirdMatch1.5.0.9
OR
mozillathunderbirdMatch1.5.0.10
OR
mozillathunderbirdMatch1.5.0.11
OR
mozillathunderbirdMatch1.5.0.12
OR
mozillathunderbirdMatch1.5.0.13
OR
mozillathunderbirdMatch1.5.0.14
OR
mozillathunderbirdMatch1.5.1
OR
mozillathunderbirdMatch1.5.2
OR
mozillathunderbirdMatch2.0
OR
mozillathunderbirdMatch2.0.0.0
OR
mozillathunderbirdMatch2.0.0.1
OR
mozillathunderbirdMatch2.0.0.2
OR
mozillathunderbirdMatch2.0.0.3
OR
mozillathunderbirdMatch2.0.0.4
OR
mozillathunderbirdMatch2.0.0.5
OR
mozillathunderbirdMatch2.0.0.6
OR
mozillathunderbirdMatch2.0.0.7
OR
mozillathunderbirdMatch2.0.0.8
OR
mozillathunderbirdMatch2.0.0.9
OR
mozillathunderbirdMatch2.0.0.12
OR
mozillathunderbirdMatch2.0.0.14
OR
mozillathunderbirdMatch2.0.0.16
OR
mozillathunderbirdMatch2.0.0.17
OR
mozillathunderbirdMatch2.0.0.18
OR
mozillathunderbirdMatch2.0.0.19
OR
mozillathunderbirdMatch2.0.0.21
OR
mozillathunderbirdMatch2.0.0.22
OR
mozillathunderbirdMatch2.0.0.23
OR
mozillathunderbirdMatch3.0
OR
mozillathunderbirdMatch3.0.1
OR
mozillathunderbirdMatch3.0.2
OR
mozillathunderbirdMatch3.0.3
OR
mozillathunderbirdMatch3.0.4
OR
mozillathunderbirdMatch3.0.5
OR
mozillathunderbirdMatch3.0.6
OR
mozillathunderbirdMatch3.0.7
Node
mozillafirefoxRange3.5.13
OR
mozillafirefoxMatch1.0
OR
mozillafirefoxMatch1.0preview_release
OR
mozillafirefoxMatch1.0.1
OR
mozillafirefoxMatch1.0.2
OR
mozillafirefoxMatch1.0.3
OR
mozillafirefoxMatch1.0.4
OR
mozillafirefoxMatch1.0.5
OR
mozillafirefoxMatch1.0.6
OR
mozillafirefoxMatch1.0.7
OR
mozillafirefoxMatch1.0.8
OR
mozillafirefoxMatch1.5
OR
mozillafirefoxMatch1.5beta1
OR
mozillafirefoxMatch1.5beta2
OR
mozillafirefoxMatch1.5.0.1
OR
mozillafirefoxMatch1.5.0.2
OR
mozillafirefoxMatch1.5.0.3
OR
mozillafirefoxMatch1.5.0.4
OR
mozillafirefoxMatch1.5.0.5
OR
mozillafirefoxMatch1.5.0.6
OR
mozillafirefoxMatch1.5.0.7
OR
mozillafirefoxMatch1.5.0.8
OR
mozillafirefoxMatch1.5.0.9
OR
mozillafirefoxMatch1.5.0.10
OR
mozillafirefoxMatch1.5.0.11
OR
mozillafirefoxMatch1.5.0.12
OR
mozillafirefoxMatch1.5.1
OR
mozillafirefoxMatch1.5.2
OR
mozillafirefoxMatch1.5.3
OR
mozillafirefoxMatch1.5.4
OR
mozillafirefoxMatch1.5.5
OR
mozillafirefoxMatch1.5.6
OR
mozillafirefoxMatch1.5.7
OR
mozillafirefoxMatch1.5.8
OR
mozillafirefoxMatch2.0
OR
mozillafirefoxMatch2.0.0.1
OR
mozillafirefoxMatch2.0.0.2
OR
mozillafirefoxMatch2.0.0.3
OR
mozillafirefoxMatch2.0.0.4
OR
mozillafirefoxMatch2.0.0.5
OR
mozillafirefoxMatch2.0.0.6
OR
mozillafirefoxMatch2.0.0.7
OR
mozillafirefoxMatch2.0.0.8
OR
mozillafirefoxMatch2.0.0.9
OR
mozillafirefoxMatch2.0.0.10
OR
mozillafirefoxMatch2.0.0.11
OR
mozillafirefoxMatch2.0.0.12
OR
mozillafirefoxMatch2.0.0.13
OR
mozillafirefoxMatch2.0.0.14
OR
mozillafirefoxMatch2.0.0.15
OR
mozillafirefoxMatch2.0.0.16
OR
mozillafirefoxMatch2.0.0.17
OR
mozillafirefoxMatch2.0.0.18
OR
mozillafirefoxMatch2.0.0.19
OR
mozillafirefoxMatch2.0.0.20
OR
mozillafirefoxMatch3.0
OR
mozillafirefoxMatch3.0.1
OR
mozillafirefoxMatch3.0.2
OR
mozillafirefoxMatch3.0.3
OR
mozillafirefoxMatch3.0.4
OR
mozillafirefoxMatch3.0.5
OR
mozillafirefoxMatch3.0.6
OR
mozillafirefoxMatch3.0.7
OR
mozillafirefoxMatch3.0.8
OR
mozillafirefoxMatch3.0.9
OR
mozillafirefoxMatch3.0.10
OR
mozillafirefoxMatch3.0.11
OR
mozillafirefoxMatch3.0.12
OR
mozillafirefoxMatch3.0.13
OR
mozillafirefoxMatch3.0.14
OR
mozillafirefoxMatch3.0.15
OR
mozillafirefoxMatch3.0.16
OR
mozillafirefoxMatch3.0.17
OR
mozillafirefoxMatch3.5
OR
mozillafirefoxMatch3.5.1
OR
mozillafirefoxMatch3.5.2
OR
mozillafirefoxMatch3.5.3
OR
mozillafirefoxMatch3.5.4
OR
mozillafirefoxMatch3.5.5
OR
mozillafirefoxMatch3.5.6
OR
mozillafirefoxMatch3.5.7
OR
mozillafirefoxMatch3.5.8
OR
mozillafirefoxMatch3.5.9
OR
mozillafirefoxMatch3.5.10
OR
mozillafirefoxMatch3.5.11
OR
mozillafirefoxMatch3.5.12
Node
mozillathunderbirdMatch3.1
OR
mozillathunderbirdMatch3.1.1
OR
mozillathunderbirdMatch3.1.2
OR
mozillathunderbirdMatch3.1.3
OR
mozillathunderbirdMatch3.1.4
VendorProductVersionCPE
mozillafirefox3.6cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*
mozillafirefox3.6.2cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*
mozillafirefox3.6.3cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*
mozillafirefox3.6.4cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*
mozillafirefox3.6.6cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*
mozillafirefox3.6.7cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*
mozillafirefox3.6.8cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*
mozillafirefox3.6.9cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*
mozillafirefox3.6.10cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 2211

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

46.7%