mozilla -- multiple vulnerabilities

The Mozilla Foundation reports of multiple security issues in Firefox, Seamonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. MFSA 2006-64 Crashes with evidence of memory corruption rv:1.8.0.7 MFSA 2006-63...

OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery

Background OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. The x86 emulation base libraries for AMD64 contain a vulnerable version of OpenSSL. Description Daniel Bleichenbacher discovered that it might be...

openssl signature forgery

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

Security fix for the ALT Linux 8 package openssl10 version 0.9.7g-alt4

Sept. 6, 2006 Dmitry V. Levin 0.9.7g-alt4 - Applied upstream patch to avoid RSA signature forgery CVE-2006-4339...

Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt4

Sept. 6, 2006 Dmitry V. Levin 0.9.7g-alt4 - Applied upstream patch to avoid RSA signature forgery CVE-2006-4339...

Security fix for the ALT Linux 9 package openssl1.1 version 0.9.7g-alt4

Sept. 6, 2006 Dmitry V. Levin 0.9.7g-alt4 - Applied upstream patch to avoid RSA signature forgery CVE-2006-4339...

DEBIAN-CVE-2006-4339

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

CVE-2006-4339

OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS 1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying...

Vulnerability in OpenSSL - RSA Signature Forgery

Daniel Bleichenbacher discovered an attack on PKCS 1 v1.5 signatures where under certain circumstances it may be possible for an attacker to forge a PKCS 1 v1.5 signature that would be incorrectly verified by OpenSSL. Found by openssl...

OpenSSL Security Advisory [5th September 2006] RSA Signature Forgery (CVE-2006-4339)

OpenSSL Security Advisory 5th September 2006 RSA Signature Forgery CVE-2006-4339 ===================================== Vulnerability ------------- Daniel Bleichenbacher recently described an attack on PKCS 1 v1.5 signatures. If an RSA key with exponent 3 is used it may be possible to forge a PKCS...