exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

GHSA-pm7c-vg9h-jxxc

около 3 лет назад

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.

CVSS3: 5.9

EPSS: Низкий

CVE-2009-2408

почти 16 лет назад

CVSS3: 5.9

EPSS: Низкий

CVE-2009-2408

почти 16 лет назад

CVSS2: 4.3

EPSS: Низкий

CVE-2009-2408

почти 16 лет назад

CVSS3: 5.9

EPSS: Низкий

CVE-2009-2408

почти 16 лет назад

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...

CVSS3: 5.9

EPSS: Низкий

ELSA-2009-1186

почти 16 лет назад

ELSA-2009-1186: nspr and nss security, bug fix, and enhancement update (CRITICAL)

EPSS: Низкий

ELSA-2009-1184

почти 16 лет назад

ELSA-2009-1184: nspr and nss security and bug fix update (CRITICAL)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-pm7c-vg9h-jxxc Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.	CVSS3: 5.9	2% Низкий	около 3 лет назад
CVE-2009-2408 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.	CVSS3: 5.9	2% Низкий	почти 16 лет назад
CVE-2009-2408 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.	CVSS2: 4.3	2% Низкий	почти 16 лет назад
CVE-2009-2408 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.	CVSS3: 5.9	2% Низкий	почти 16 лет назад
CVE-2009-2408 Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...	CVSS3: 5.9	2% Низкий	почти 16 лет назад
ELSA-2009-1186 ELSA-2009-1186: nspr and nss security, bug fix, and enhancement update (CRITICAL)			почти 16 лет назад
ELSA-2009-1184 ELSA-2009-1184: nspr and nss security and bug fix update (CRITICAL)			почти 16 лет назад

Уязвимостей на страницу