27 matches found
Ubuntu: Security Advisory (USN-810-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Network Security Services Regexp Heap Overflow - Improved Performance (CVE-2009-2404)
Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. it is used by applications such as Mozilla Firefox and Mozilla Thunderbird. A remote code execution vulnerability has been reported within Mozilla...
Scientific Linux Security Update : seamonkey on SL3.x i386/x86_64
CVE-2009-2404 nss regexp heap overflow Moxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library provided by SeaMonkey used to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger...
VMSA-2010-0001 : ESX Service Console and vMA updates for nss and nspr
a. Update for Service Console packages nss and nspr Service console packages for Network Security Services NSS and NetScape Portable Runtime NSPR are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console...
VMSA-2010-0001:ESX Service Console and vMA updates for nss and nspr
VMSA-2010-0001.1 ESX Service Console and vMA updates for nss and nspr VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0001.1 VMware Security Advisory Synopsis: ESX Service Console and vMA updates for nss and nspr VMware Security Advisory Issue date: 2010-03-03 VMware...
SLES9: Security update for epiphany
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: mozilla mozilla-devel mozilla-dom-inspector mozilla-irc mozilla-mail mozilla-venkman For more information, please visit the referenced security advisories...
SUSE: Security Advisory for MozillaFirefox (SUSE-SA:2009:048)
The remote host is missing updates announced in advisory SUSE-SA:2009:048. Copyright C 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
openSUSE 10 Security Update : libfreebl3 (libfreebl3-6494)
The Mozilla NSS and dependend libraries were updated to fix various issues. CVE-2009-2404 / MFSA 2009-43 : Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services NSS before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Insta...
SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1199)
The Mozilla NSS security framework was updated to version 3.12.3.1. - Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services NSS before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger AIM, allows remote SSL...
Mandrake Security Advisory MDVSA-2009:216 (mozilla-thunderbird)
The remote host is missing an update to mozilla-thunderbird announced via advisory MDVSA-2009:216. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
Debian: Security Advisory (DSA-1874-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1874-1] New nss packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1874-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 26, 2009 http://www.debian.org/security/faq -...
Mandrake Security Advisory MDVSA-2009:197 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
FreeBSD Ports: firefox, linux-firefox-devel
The remote host is missing an update to the system as announced in the referenced advisory. VID 49e8f2ee-8147-11de-a994-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 49e8f2ee-8147-11de-a994-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Ubuntu USN-810-2 (fixed)
The remote host is missing an update to fixed announced via advisory USN-810-2. Original advisory details: Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of...
Mandrake Security Advisory MDVSA-2009:198 (firefox)
The remote host is missing an update to firefox announced via advisory MDVSA-2009:198. OpenVAS Vulnerability Test $Id: mdksa2009198.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:198 firefox Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
Mandrake Security Advisory MDVSA-2009:197 (nss)
The remote host is missing an update to nss announced via advisory MDVSA-2009:197. OpenVAS Vulnerability Test $Id: mdksa2009197.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:197 nss Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandriva Linux Security Advisory : nss (MDVSA-2009:197-3)
Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate CVE-2009-2408 and md2 algorithm flaws CVE-2009-2409, and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate CVE-2009-2404. This updat...
Mozilla Foundation Security Advisory 2009-43
Mozilla Foundation Security Advisory 2009-43 Title: Heap overflow in certificate regexp parsing Impact: Critical Announced: August 1, 2009 Reporter: Moxie Marlinspike Products: Firefox, Thunderbird, SeaMonkey, NSS Fixed in: Firefox 3.5 NSS 3.12.3 Description Moxie Marlinspike reported a heap...
Ubuntu 8.04 LTS / 8.10 / 9.04 : nspr update (USN-810-2)
USN-810-1 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service via...