Mozilla Firefox Compromise Of SSL-protected Communication
Gravità: : Medio
Identificatori CVE: CVE-2009-2408
Data notifica: 21 luglio 2015
Descrizione
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1003670
Trend Micro Deep Security DPI Rule Name: 1003670 - Multiple Browser Certificate Regexp Parsing Heap Overflow
Software e versione interessati:
- Mozilla Thunderbird 2.0.0.9
- Mozilla Thunderbird 2.0.0.8
- Mozilla Thunderbird 2.0.0.7
- Mozilla Thunderbird 2.0.0.6
- Mozilla Thunderbird 2.0.0.5
- Mozilla Thunderbird 2.0.0.4
- Mozilla Thunderbird 2.0.0.3
- Mozilla Thunderbird 2.0.0.2
- Mozilla Thunderbird 2.0.0.22
- Mozilla Thunderbird 2.0.0.21
- Mozilla Thunderbird 2.0.0.20
- Mozilla Thunderbird 2.0.0.19
- Mozilla Thunderbird 2.0.0.18
- Mozilla Thunderbird 2.0.0.17
- Mozilla Thunderbird 2.0.0.16
- Mozilla Thunderbird 2.0.0.15
- Mozilla Thunderbird 2.0.0.14
- Mozilla Thunderbird 2.0.0.13
- Mozilla Thunderbird 2.0.0.12
- Mozilla Thunderbird 2.0.0.11
- Mozilla Thunderbird 2.0.0.1
- Mozilla Thunderbird 2.0.0.0
- Mozilla SeaMonkey 1.5.0.9
- Mozilla SeaMonkey 1.5.0.8
- Mozilla SeaMonkey 1.5.0.10
- Mozilla SeaMonkey 1.1.9
- Mozilla SeaMonkey 1.1.8
- Mozilla SeaMonkey 1.1.7
- Mozilla SeaMonkey 1.1.6
- Mozilla SeaMonkey 1.1.5
- Mozilla SeaMonkey 1.1.4
- Mozilla SeaMonkey 1.1.3
- Mozilla SeaMonkey 1.1.2
- Mozilla SeaMonkey 1.1.16
- Mozilla SeaMonkey 1.1.15
- Mozilla SeaMonkey 1.1.14
- Mozilla SeaMonkey 1.1.12
- Mozilla SeaMonkey 1.1.11
- Mozilla SeaMonkey 1.1.10
- Mozilla SeaMonkey 1.1.1
- Mozilla SeaMonkey 1.1
- Mozilla SeaMonkey 1.0.9
- Mozilla SeaMonkey 1.0.8
- Mozilla SeaMonkey 1.0.6
- Mozilla SeaMonkey 1.0.5
- Mozilla SeaMonkey 1.0.4
- Mozilla SeaMonkey 1.0.3
- Mozilla SeaMonkey 1.0.2
- Mozilla SeaMonkey 1.0.1
- Mozilla NSS 3.6
- Mozilla NSS 3.4
- Mozilla NSS 3.12
- Mozilla NSS 3.11.8
- Mozilla NSS 3.11.7
- Mozilla NSS 3.11.4
- Mozilla NSS 3.11.2
- Mozilla NSS 3.0
- Mozilla Firefox 3.2
- Mozilla Firefox 3.1
- Mozilla Firefox 3.0 Beta 5
- Mozilla Firefox 3.0.9
- Mozilla Firefox 3.0.8
- Mozilla Firefox 3.0.7
- Mozilla Firefox 3.0.6
- Mozilla Firefox 3.0.5
- Mozilla Firefox 3.0.4
- Mozilla Firefox 3.0.3
- Mozilla Firefox 3.0.2
- Mozilla Firefox 3.0.12
- Mozilla Firefox 3.0.11
- Mozilla Firefox 3.0.10
- Mozilla Firefox 3.0.1
- Mozilla Firefox 3.0
- Mozilla Firefox 2.0_8
- Mozilla Firefox 2.0_.9
- Mozilla Firefox 2.0_.7
- Mozilla Firefox 2.0_.6
- Mozilla Firefox 2.0_.5
- Mozilla Firefox 2.0_.4
- Mozilla Firefox 2.0_.10
- Mozilla Firefox 2.0_.1
- Mozilla Firefox 2.0.0.4
- Mozilla Firefox 2.0.0.3
- Mozilla Firefox 2.0.0.21
- Mozilla Firefox 2.0.0.20
- Mozilla Firefox 2.0.0.2
- Mozilla Firefox 2.0.0.18
- Mozilla Firefox 2.0.0.17
- Mozilla Firefox 2.0.0.16
- Mozilla Firefox 2.0.0.15
- Mozilla Firefox 0.7.1
- Mozilla Firefox 0.7
- Mozilla Firefox 0.6.1
- Mozilla Firefox 0.6
- Mozilla Firefox 0.5
- Mozilla Firefox 0.4
- Mozilla Firefox 0.3
- Mozilla Firefox 0.2
- Mozilla Firefox 0.10.1
- Mozilla Firefox 0.10
- Mozilla Firefox 0.1
- Mozilla Firefox 2.0.0.9
- Mozilla Firefox 2.0.0.8
- Mozilla Firefox 2.0.0.7
- Mozilla Firefox 2.0.0.6
- Mozilla Firefox 2.0.0.5
- Mozilla Firefox 2.0.0.14
- Mozilla Firefox 2.0.0.13
- Mozilla Firefox 2.0.0.12
- Mozilla Firefox 2.0.0.11
- Mozilla Firefox 2.0.0.10
- Mozilla Firefox 2.0.0.1
- Mozilla Firefox 2.0
- Mozilla Firefox 1.8
- Mozilla Firefox 1.5.8
- Mozilla Firefox 1.5.7
- Mozilla Firefox 1.5.6
- Mozilla Firefox 1.5.5
- Mozilla Firefox 1.5.4
- Mozilla Firefox 1.5.3
- Mozilla Firefox 1.5.2
- Mozilla Firefox 1.5.1
- Mozilla Firefox 1.5.0.9
- Mozilla Firefox 1.5.0.8
- Mozilla Firefox 1.5.0.7
- Mozilla Firefox 1.5.0.6
- Mozilla Firefox 1.5.0.5
- Mozilla Firefox 1.5.0.4
- Mozilla Firefox 1.5.0.3
- Mozilla Firefox 1.5.0.2
- Mozilla Firefox 1.5.0.12
- Mozilla Firefox 1.5.0.11
- Mozilla Firefox 1.5.0.10
- Mozilla Firefox 1.4.1
- Mozilla Firefox 1.0.8
- Mozilla Firefox 0.9_rc
- Mozilla Firefox 0.9.3
- Mozilla Firefox 0.9.2
- Mozilla Firefox 0.9.1
- Mozilla Firefox 0.9