Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-3170HistoryOct 21, 2010 - 7:00 p.m.
CVE-2010-3170
2010-10-2119:00:02
Debian Security Bug Tracker
security-tracker.debian.org
38
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
46.7%
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject’s Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | nss | < 3.12.8-1 | nss_3.12.8-1_all.deb |
| Debian | 11 | all | nss | < 3.12.8-1 | nss_3.12.8-1_all.deb |
| Debian | 999 | all | nss | < 3.12.8-1 | nss_3.12.8-1_all.deb |
| Debian | 13 | all | nss | < 3.12.8-1 | nss_3.12.8-1_all.deb |
Related
openvas
openvas
Fedora Update for nss-softokn FEDORA-2010-15897
2010-12-02 00:00:00
Fedora Update for nss-softokn FEDORA-2010-15989
2010-11-16 00:00:00
Fedora Update for nss-util FEDORA-2010-15989
2010-11-16 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: nss-3.12.8-2.fc14
2010-10-28 05:48:31
[SECURITY] Fedora 14 Update: nss-softokn-3.12.8-1.fc14
2010-10-28 05:48:31
[SECURITY] Fedora 13 Update: nss-3.12.8-2.fc13
2010-10-27 22:30:59
nvd
nvd
CVE-2010-3170
2010-10-21 19:00:02
oraclelinux
oraclelinux
nss security update
2011-02-11 00:00:00
seamonkey security update
2010-10-20 00:00:00
firefox security update
2010-10-20 00:00:00
nessus
nessus
ubuntucve
ubuntucve
CVE-2010-3170
2010-10-20 00:00:00
prion
prion
Design/Logic Flaw
2010-10-21 19:00:00
mozilla
mozilla
SSL wildcard certificate matching IP addresses — Mozilla
2010-10-19 00:00:00
cve
cve
CVE-2010-3170
2010-10-21 19:00:02
redhat
redhat
(RHSA-2010:0862) Low: nss security update
2010-11-10 00:00:00
(RHSA-2010:0781) Critical: seamonkey security update
2010-10-19 00:00:00
(RHSA-2010:0782) Critical: firefox security update
2010-10-19 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2020-04-10 00:53:00
cvelist
cvelist
CVE-2010-3170
2010-10-21 18:12:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2010-70
2010-10-23 00:00:00
osv
osv
nss - cryptographic weaknesses
2010-11-01 00:00:00
debian
debian
[SECURITY] [DSA 2123-1] New NSS packages fix cryptographic weaknesses
2010-11-01 19:45:41
BSA-009 Security Update for nss
2010-11-02 15:06:03
BSA-009 Security Update for nss
2010-11-02 19:04:18
ubuntu
ubuntu
NSS vulnerabilities
2010-10-20 00:00:00
centos
centos
seamonkey security update
2010-10-25 12:12:58
firefox, nss, xulrunner security update
2010-10-20 14:29:05
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-10-19 00:00:00
suse
suse
remote code execution in MozillaFirefox,seamonkey,MozillaThunderbird
2010-11-08 11:27:17
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
vmware
vmware
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.001
Percentile
46.7%
Related for DEBIANCVE:CVE-2010-3170