製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数の Mozilla 製品の SSL 実装における暗号保護メカニズムを回避される脆弱性

Title	複数の Mozilla 製品の SSL 実装における暗号保護メカニズムを回避される脆弱性
Summary	複数の Mozilla 製品の SSL 実装には、Diffie-Hellman Ephemeral (DHE) モードの最小キーの長さを適切に設定しないため、暗号保護メカニズムを回避される脆弱性が存在します。
Possible impacts	第三者により、ブルートフォース攻撃を受け、暗号保護メカニズムを回避される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Oct. 19, 2010, midnight
Registration Date	Nov. 12, 2010, 4:31 p.m.
Last Update	Dec. 18, 2012, 5:37 p.m.

CVSS2.0 : 危険
Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected System

レッドハット

Red Hat Enterprise Linux 3 (as)

Red Hat Enterprise Linux 3 (es)

Red Hat Enterprise Linux 3 (ws)

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 3.0

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

RHEL Desktop Workstation 5 (client)

オラクル

OpenSolaris

Oracle Solaris 10

Oracle Solaris 11 Express

Mozilla Foundation

Mozilla Firefox 3.5.14 未満

Mozilla Firefox 3.6.11 未満

Mozilla SeaMonkey 2.0.9 未満

Mozilla Thunderbird 3.0.9 未満

Mozilla Thunderbird 3.1.5 未満

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

Asianux Server 4.0

Asianux Server 4.0 (x86-64)

VMware

VMware ESX 3.0.3

VMware ESX 3.5

VMware ESX 4.0

VMware ESX 4.1

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-3173	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3173
National Vulnerability Database (NVD)
2	CVE-2010-3173	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3173

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-310	https://jvndb.jvn.jp/ja/cwe/CWE-310.html

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	firefox-3.6.11-2.0.1.AXS3; nss-3.12.8-1.AXS3; xulrunner-1.9.2.11-2.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1288
MIRACLE LINUX アップデート情報
2	2144	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2144
3	2146	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2146
4	2150	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2150
Mozilla Foundation Security Advisory
5	MFSA2010-72	http://www.mozilla.org/security/announce/2010/mfsa2010-72.html
Mozilla Foundation セキュリティアドバイザリ
6	MFSA2010-72	http://www.mozilla-japan.org/security/announce/2010/mfsa2010-72.html
Red Hat Security Advisory
7	RHSA-2010:0781	https://rhn.redhat.com/errata/RHSA-2010-0781.html
8	RHSA-2010:0782	https://rhn.redhat.com/errata/RHSA-2010-0782.html
SECURITY BLOG
9	multiple_vulnerabilities_in_mozilla_firefox	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
10	multiple_vulnerabilities_in_mozilla_thunderbird1	http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_mozilla_thunderbird1
VMware Security Advisories
11	VMSA-2011-0013	http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2011-0013.html

その他

No	Name	URL
Secunia Advisory
1	SA42867	http://secunia.com/advisories/42867
VUPEN Security
2	VUPEN/ADV-2010-2726	http://www.vupen.com/english/advisories/2010/2726
3	VUPEN/ADV-2011-0061	http://www.vupen.com/english/advisories/2011/0061

Change Log

No	Changed Details	Date of change
0	[2010年11月12日] 掲載 [2011年01月27日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_mozilla_firefox) の情報を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_mozilla_firefox) [2011年05月17日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_mozilla_thunderbird1) の情報を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_mozilla_thunderbird1) を追加 [2012年12月18日] 影響を受けるシステム：VMware (VMSA-2011-0013) の情報を追加ベンダ情報：VMware (VMSA-2011-0013) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2010-3173

Summary	The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Publication Date	Oct. 22, 2010, 4 a.m.
Registration Date	Jan. 29, 2021, 11:05 a.m.
Last Update	Nov. 21, 2024, 10:18 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.0.8
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		3.0.8
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox::::::::		3.5.13
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.1.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.1:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.4:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1:::::::*
cpe:2.3:a:mozilla:thunderbird:3.1.3:::::::*

Related information, measures and tools

No	URL	タグ
1	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
2	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
3	http://secunia.com/advisories/41839
4	http://secunia.com/advisories/41839
5	http://secunia.com/advisories/42867
6	http://secunia.com/advisories/42867
7	http://support.avaya.com/css/P8/documents/100114250
8	http://support.avaya.com/css/P8/documents/100114250
9	http://support.avaya.com/css/P8/documents/100120156
10	http://support.avaya.com/css/P8/documents/100120156
11	http://www.debian.org/security/2010/dsa-2123
12	http://www.debian.org/security/2010/dsa-2123
13	http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
14	http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
15	http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
16	http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
17	http://www.mozilla.org/security/announce/2010/mfsa2010-72.html	Vendor Advisory
18	http://www.mozilla.org/security/announce/2010/mfsa2010-72.html	Vendor Advisory
19	http://www.redhat.com/support/errata/RHSA-2010-0781.html
20	http://www.redhat.com/support/errata/RHSA-2010-0781.html
21	http://www.redhat.com/support/errata/RHSA-2010-0782.html
22	http://www.redhat.com/support/errata/RHSA-2010-0782.html
23	http://www.ubuntu.com/usn/USN-1007-1
24	http://www.ubuntu.com/usn/USN-1007-1
25	http://www.vupen.com/english/advisories/2011/0061
26	http://www.vupen.com/english/advisories/2011/0061
27	https://bugzilla.mozilla.org/show_bug.cgi?id=554354
28	https://bugzilla.mozilla.org/show_bug.cgi?id=554354
29	https://bugzilla.mozilla.org/show_bug.cgi?id=583337
30	https://bugzilla.mozilla.org/show_bug.cgi?id=583337
31	https://bugzilla.mozilla.org/show_bug.cgi?id=587234
32	https://bugzilla.mozilla.org/show_bug.cgi?id=587234
33	https://bugzilla.mozilla.org/show_bug.cgi?id=595300
34	https://bugzilla.mozilla.org/show_bug.cgi?id=595300
35	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12118
36	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12118

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:3.6.2:::::::*
cpe:2.3:a:mozilla:firefox:3.6.3:::::::*
cpe:2.3:a:mozilla:firefox:3.6.8:::::::*
cpe:2.3:a:mozilla:firefox:3.6.9:::::::*
cpe:2.3:a:mozilla:firefox:3.6.6:::::::*
cpe:2.3:a:mozilla:firefox:3.6.10:::::::*
cpe:2.3:a:mozilla:firefox:3.6.7:::::::*
cpe:2.3:a:mozilla:firefox:3.6.4:::::::*
cpe:2.3:a:mozilla:firefox:3.6:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:mozilla:seamonkey:1.1.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.10:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.3:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.17:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2::::::
cpe:2.3:a:mozilla:seamonkey:1.1.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1:alpha::::::
cpe:2.3:a:mozilla:seamonkey:2.0:rc2::::::
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3::::::
cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::
cpe:2.3:a:mozilla:seamonkey:1.1.12:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.14:::::::*
cpe:2.3:a:mozilla:seamonkey::::::::		2.0.8
cpe:2.3:a:mozilla:seamonkey:1.1.2:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_2::::::
cpe:2.3:a:mozilla:seamonkey:1.0.2:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.11:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1::::::
cpe:2.3:a:mozilla:seamonkey:1.5.0.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1:beta::::::
cpe:2.3:a:mozilla:seamonkey:1.1.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.5.0.8:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.1:::::::*
cpe:2.3:a:mozilla:seamonkey:1.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.15:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.7:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.16:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:beta_1::::::
cpe:2.3:a:mozilla:seamonkey:1.1.19:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.5:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:rc1::::::
cpe:2.3:a:mozilla:seamonkey:1.0.4:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.9:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.13:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.18:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0.6:::::::*
cpe:2.3:a:mozilla:seamonkey:2.0:::::::*
cpe:2.3:a:mozilla:seamonkey:1.1.4:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:mozilla:thunderbird:3.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.21:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.18:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.16:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.10:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:beta2::::::
cpe:2.3:a:mozilla:thunderbird:2.0.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.13:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.22:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.17:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.23:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.11:::::::*
cpe:2.3:a:mozilla:thunderbird:0.9:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.3:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.12:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7.3:::::::*
cpe:2.3:a:mozilla:thunderbird:0.4:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.1:::::::*
cpe:2.3:a:mozilla:thunderbird:0.7:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.14:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.6:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:0.1:::::::*
cpe:2.3:a:mozilla:thunderbird::::::::		3.0.8
cpe:2.3:a:mozilla:thunderbird:0.7.1:::::::*
cpe:2.3:a:mozilla:thunderbird:1.0.5:::::::*
cpe:2.3:a:mozilla:thunderbird:0.8:::::::*
cpe:2.3:a:mozilla:thunderbird:3.0.2:::::::*
cpe:2.3:a:mozilla:thunderbird:2.0.0.19:::::::*
cpe:2.3:a:mozilla:thunderbird:1.5.0.4:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:2.0.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0.17:::::::*
cpe:2.3:a:mozilla:firefox:3.5.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.4:::::::*
cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5:beta1::::::
cpe:2.3:a:mozilla:firefox:3.5.9:::::::*
cpe:2.3:a:mozilla:firefox:3.5.4:::::::*
cpe:2.3:a:mozilla:firefox::::::::		3.5.13
cpe:2.3:a:mozilla:firefox:3.5.7:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.5.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
cpe:2.3:a:mozilla:firefox:3.5.10:::::::*
cpe:2.3:a:mozilla:firefox:3.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.9:::::::*
cpe:2.3:a:mozilla:firefox:3.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.5.2:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.5.6:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.17:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.15:::::::*
cpe:2.3:a:mozilla:firefox:3.0.10:::::::*
cpe:2.3:a:mozilla:firefox:3.0.12:::::::*
cpe:2.3:a:mozilla:firefox:1.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.7:::::::*
cpe:2.3:a:mozilla:firefox:2.0:::::::*
cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*
cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0.15:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.5.12:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.9:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.5:::::::*
cpe:2.3:a:mozilla:firefox:1.5.7:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.12:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.11:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.2:::::::*
cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.1:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.13:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.18:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.5:::::::*
cpe:2.3:a:mozilla:firefox:1.0:preview_release::::::
cpe:2.3:a:mozilla:firefox:2.0.0.20:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.19:::::::*
cpe:2.3:a:mozilla:firefox:1.5.8:::::::*
cpe:2.3:a:mozilla:firefox:1.5.3:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.4:::::::*
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.13:::::::*
cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
cpe:2.3:a:mozilla:firefox:2.0.0.10:::::::*
cpe:2.3:a:mozilla:firefox:1.0.8:::::::*
cpe:2.3:a:mozilla:firefox:3.0.11:::::::*
cpe:2.3:a:mozilla:firefox:3.0.16:::::::*
cpe:2.3:a:mozilla:firefox:1.0.6:::::::*