製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の Mozilla 製品における X.509 証明書の処理に関する任意の SSL サーバになりすまされる脆弱性

Title	複数の Mozilla 製品における X.509 証明書の処理に関する任意の SSL サーバになりすまされる脆弱性
Summary	複数の Mozilla 製品は、X.509 証明書のサブジェクトの Common Name フィールド内のワイルドカードが付与された IP アドレスを認証してしまうため、任意の SSL サーバになりすまされる脆弱性が存在します。
Possible impacts	攻撃者により、巧妙に細工された正規認証局発行の証明書を介して、任意の SSL サーバになりすまされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Oct. 19, 2010, midnight
Registration Date	Nov. 12, 2010, 4:31 p.m.
Last Update	Dec. 18, 2012, 5:36 p.m.

CVSS2.0 : 警告
Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected System

レッドハット

Red Hat Enterprise Linux 3 (as)

Red Hat Enterprise Linux 3 (es)

Red Hat Enterprise Linux 3 (ws)

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 3.0

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux HPC Node 6

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Workstation 6

RHEL Desktop Workstation 5 (client)

オラクル

OpenSolaris

Oracle Solaris 10

Oracle Solaris 11 Express

Oracle Solaris 9

Mozilla Foundation

Mozilla Firefox 3.5.14 未満

Mozilla Firefox 3.6.11 未満

Mozilla SeaMonkey 2.0.9 未満

Mozilla Thunderbird 3.0.9 未満

Mozilla Thunderbird 3.1.5 未満

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

Asianux Server 4.0

Asianux Server 4.0 (x86-64)

VMware

VMware ESX 3.0.3

VMware ESX 3.5

VMware ESX 4.0

VMware ESX 4.1

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-3170	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170
National Vulnerability Database (NVD)
2	CVE-2010-3170	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3170

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-310	https://jvndb.jvn.jp/ja/cwe/CWE-310.html

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	firefox-3.6.11-2.0.1.AXS3; nss-3.12.8-1.AXS3; xulrunner-1.9.2.11-2.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1288
MIRACLE LINUX アップデート情報
2	2144	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2144
3	2146	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2146
4	2150	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2150
Mozilla Foundation Security Advisory
5	MFSA2010-70	http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
Mozilla Foundation セキュリティアドバイザリ
6	MFSA2010-70	http://www.mozilla-japan.org/security/announce/2010/mfsa2010-70.html
Red Hat Security Advisory
7	RHSA-2010:0781	https://rhn.redhat.com/errata/RHSA-2010-0781.html
8	RHSA-2010:0782	https://rhn.redhat.com/errata/RHSA-2010-0782.html
9	RHSA-2010:0862	https://rhn.redhat.com/errata/RHSA-2010-0862.html
SECURITY BLOG
10	cve_2010_3170_browser_wildcard	http://blogs.oracle.com/sunsecurity/entry/cve_2010_3170_browser_wildcard
11	multiple_vulnerabilities_in_mozilla_firefox	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
12	multiple_vulnerabilities_in_mozilla_thunderbird1	http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_mozilla_thunderbird1
VMware Security Advisories
13	VMSA-2011-0013	http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2011-0013.html

その他

No	Name	URL
Secunia Advisory
1	SA42867	http://secunia.com/advisories/42867
SecurityFocus
2	42817	http://www.securityfocus.com/bid/42817

Change Log

No	Changed Details	Date of change
0	[2010年11月12日] 掲載 [2010年12月07日] 影響を受けるシステム：レッドハット (RHSA-2010:0862) の情報を追加ベンダ情報：レッドハット (RHSA-2010:0862) を追加 [2011年01月27日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_mozilla_firefox) の情報を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_mozilla_firefox) [2011年05月17日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_mozilla_thunderbird1) の情報を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_mozilla_thunderbird1) を追加 [2011年08月29日] 影響を受けるシステム：オラクル (cve_2010_3170_browser_wildcard) の情報を追加ベンダ情報：オラクル (cve_2010_3170_browser_wildcard) を追加 [2012年12月18日] 影響を受けるシステム：VMware (VMSA-2011-0013) の情報を追加ベンダ情報：VMware (VMSA-2011-0013) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-3170

Summary	Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Publication Date	Oct. 22, 2010, 4 a.m.
Registration Date	Jan. 29, 2021, 11:05 a.m.
Last Update	Nov. 21, 2024, 10:18 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.0.8
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		3.0.8
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox::::::::		3.5.13
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.1.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.1:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.4:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.3:::::::*

Related information, measures and tools

No	URL	タグ
1	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
2	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
3	http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
4	http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
5	http://secunia.com/advisories/41839
6	http://secunia.com/advisories/41839
7	http://secunia.com/advisories/42867
8	http://secunia.com/advisories/42867
9	http://support.avaya.com/css/P8/documents/100114250
10	http://support.avaya.com/css/P8/documents/100114250
11	http://support.avaya.com/css/P8/documents/100120156
12	http://support.avaya.com/css/P8/documents/100120156
13	http://www.debian.org/security/2010/dsa-2123
14	http://www.debian.org/security/2010/dsa-2123
15	http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
16	http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
17	http://www.mozilla.org/security/announce/2010/mfsa2010-70.html	Vendor Advisory
18	http://www.mozilla.org/security/announce/2010/mfsa2010-70.html	Vendor Advisory
19	http://www.redhat.com/support/errata/RHSA-2010-0781.html
20	http://www.redhat.com/support/errata/RHSA-2010-0781.html
21	http://www.redhat.com/support/errata/RHSA-2010-0782.html
22	http://www.redhat.com/support/errata/RHSA-2010-0782.html
23	http://www.ubuntu.com/usn/USN-1007-1
24	http://www.ubuntu.com/usn/USN-1007-1
25	http://www.vupen.com/english/advisories/2011/0061
26	http://www.vupen.com/english/advisories/2011/0061
27	https://bugzilla.mozilla.org/show_bug.cgi?id=578697
28	https://bugzilla.mozilla.org/show_bug.cgi?id=578697
29	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12254
30	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12254

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.0.8
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		3.0.8
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox::::::::		3.5.13
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*