27 matches found
SUSE CVE-2006-4340
Mozilla Network Security Service NSS library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatur...
Ubuntu: Security Advisory (USN-351-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-361-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-352-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code injection
In sigverify in x509.c in axTLS version 2.1.3 and before, the PKCS1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509...
Oracle Linux 4 : firefox (ELSA-2006-0733 / ELSA-2006-0675 / ELSA-2006-0610)
Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Users of Firefox are advised to upgrade to...
Gentoo Security Advisory GLSA 200609-19 (Firefox)
The remote host is missing updates announced in advisory GLSA 200609-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200610-06 (nss)
The remote host is missing updates announced in advisory GLSA 200610-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian: Security Advisory (DSA-1192-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : mozilla-nss,mozilla-nss-devel (ZYPP Patch Number 2067)
A security problem in the SSL handling of the NSS libraries was found : If an RSA key with exponent 3 is used it may be possible to forge a PKCS verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature. This bug is tracked by the Mitre CVE ...
openSUSE 10 Security Update : mozilla-nss (mozilla-nss-2071)
A security problem in the SSL handling of the NSS libraries was found : If an RSA key with exponent 3 is used it may be possible to forge a PKCS verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature. This bug is tracked by the Mitre CVE ...
Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:205)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.8. This update provides the latest Firefox to correct these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:169)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.7. This update provides the latest Thunderbird to correct these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2006:206)
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.8. This update provides the latest Thunderbird to correct these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
[SECURITY] [DSA 1210-1] New Mozilla Firefox packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1210-1 [email protected] http://www.debian.org/security/ Martin Schulze November 14th, 2006 http://www.debian.org/security/faq -...
Debian DSA-1191-1 : mozilla-thunderbird - several vulnerabilities
Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-2788 Fernando Ribeiro discovered that a vulnerability in the getRawDER functio...
USN-361-1: Mozilla vulnerabilities
Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565, CVE-2006-4568, CVE-2006-4571 A bug was...
[SECURITY] [DSA 1192-1] New Mozilla packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1192-1 [email protected] http://www.debian.org/security/ Martin Schulze October 6th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1191-1] New Mozilla Thunderbird packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1191-1 [email protected] http://www.debian.org/security/ Martin Schulze October 5th, 2006 http://www.debian.org/security/faq -...
CentOS 4 : thunderbird (CESA-2006:0677)
Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Two flaws were found in...