CVE-2010-3174

Related Files

Debian Linux Security Advisory 2124-1

Posted Nov 2, 2010

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2124-1 - Several vulnerabilities have been discovered in Xulrunner, the component that provides the core functionality of Iceweasel, Debian's variant of Mozilla's browser technology.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2010-3765, CVE-2010-3174, CVE-2010-3176, CVE-2010-3177, CVE-2010-3178, CVE-2010-3179, CVE-2010-3180, CVE-2010-3183

SHA-256 | 63d61427844f29c8b6e7dc2bb27976f5d4dd7c9f8fd7a49ed4c6645fc811806c

Download | Favorite | View

Mandriva Linux Security Advisory 2010-211

Posted Oct 22, 2010

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-211 - The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary

systems | linux, mandriva

advisories | CVE-2010-3173, CVE-2010-3174, CVE-2010-3175, CVE-2010-3176, CVE-2010-3178, CVE-2010-3179, CVE-2010-3180, CVE-2010-3182, CVE-2010-3183

SHA-256 | c4aa2dae679ba79e24b8322c372a70db3de31777d295bd7bdc83df4e576d061f

Download | Favorite | View

Mandriva Linux Security Advisory 2010-210

Posted Oct 22, 2010

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-210 - Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. Various other issues have also been addressed.

tags | advisory, remote, arbitrary, spoof

systems | linux, mandriva

advisories | CVE-2010-3170, CVE-2010-3173, CVE-2010-3174, CVE-2010-3175, CVE-2010-3176, CVE-2010-3177, CVE-2010-3178, CVE-2010-3179, CVE-2010-3180, CVE-2010-3182, CVE-2010-3183

SHA-256 | b49486071419be28e46150635739bbf1691dc4896d5fd2196ec5211581c260cf

Download | Favorite | View