Lucene search

K

PRIOn knowledge basePRION:CVE-2009-2409

HistoryJul 30, 2009 - 7:30 p.m.

Code injection

2009-07-3019:30:00

PRIOn knowledge base

www.prio-n.com

5

6.6 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.3%

The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.

CPENameOperatorVersion
gnutlseq2.3.5
gnutlseq1.6.0
gnutlseq2.0.0
gnutlseq1.5.0
gnutlseq1.2.8
gnutlseq1.1.14
gnutlseq2.3.4
gnutlseq1.7.3
gnutlseq2.7.4
gnutlseq1.4.1

Rows per page:

1-10 of 1591

References

java.sun.com/j2se/1.5.0/ReleaseNotes.html

java.sun.com/javase/6/webnotes/6u17.html

lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

secunia.com/advisories/36139

secunia.com/advisories/36157

secunia.com/advisories/36434

secunia.com/advisories/36669

secunia.com/advisories/36739

secunia.com/advisories/37386

secunia.com/advisories/42467

security.gentoo.org/glsa/glsa-200911-02.xml

security.gentoo.org/glsa/glsa-200912-01.xml

support.apple.com/kb/HT3937

www.debian.org/security/2009/dsa-1874

www.mandriva.com/security/advisories?name=MDVSA-2009:197

www.mandriva.com/security/advisories?name=MDVSA-2009:216

www.mandriva.com/security/advisories?name=MDVSA-2009:258

www.mandriva.com/security/advisories?name=MDVSA-2010:084

www.redhat.com/support/errata/RHSA-2009-1207.html

www.redhat.com/support/errata/RHSA-2009-1432.html

www.securityfocus.com/archive/1/515055/100/0/threaded

www.securitytracker.com/id?1022631

www.ubuntu.com/usn/usn-810-1

www.vmware.com/security/advisories/VMSA-2010-0019.html

www.vupen.com/english/advisories/2009/2085

www.vupen.com/english/advisories/2009/3184

www.vupen.com/english/advisories/2010/3126

bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2409

lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html

lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10763

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6631

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7155

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8594

rhn.redhat.com/errata/RHSA-2010-0095.html

usn.ubuntu.com/810-2/

www.debian.org/security/2009/dsa-1888

6.6 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.3%

Related for PRION:CVE-2009-2409

nessus56 cve2 openvas85 ubuntucve1 f52 cvelist2 veracode1 ubuntu5 nvd2 debiancve2 prion1 oraclelinux6 securityvulns3 centos5 redhat11 osv2 debian3 vmware6 gentoo1 fedora3