admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-28xx/CVE-2008-2809.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

334 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-2809",
"sourceIdentifier": "secalert@redhat.com",
"published": "2008-07-08T23:41:00.000",
"lastModified": "2018-10-11T20:44:20.997",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site."
},
{
"lang": "es",
"value": "Mozilla 1.9 M8 y anteriores, Mozilla Firefox 2 y anteriores a 2.0.0.15, SeaMonkey 1.1.5 y otras versiones anteriores a 1.1.10, Netscape 9.0, y otras navegadores basados en Mozilla, cuando un usuario aceptar un certificado SSL de servidor sobre las bases del nombre de dominio CN en el campo DN, considerando que el certificado es tambi\u00e9n aceptado por todos los nombres de dominio en el campo subjectAltName:dNSName, el cual hace m\u00e1s f\u00e1cil a los atacantes remotos enga\u00f1ar a un usuario aceptando un certificado no v\u00e1lido para una p\u00e1gina web falsa."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0544D626-E269-4677-9B05-7DAB23BD103B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C95F7B2C-80FC-4DF2-9680-F74634DCE3E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "863C140E-DC15-4A88-AB8A-8AEF9F4B8164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:geckb:*:m8:*:*:*:*:*:*",
"versionEndIncluding": "1.9",
"matchCriteriaId": "1AE6FF40-5C89-47F1-928C-7BC7DB7A57F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.9",
"matchCriteriaId": "B0E9314D-0D23-4572-9956-D2E8B53540B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "76AD0439-3BFB-4AD1-8E2C-99D0B099FA8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netscape:navigator:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE436EA-9F65-4B62-A11D-B102F5E5E9FC"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html",
"source": "secalert@redhat.com"
},
{
"url": "http://nils.toedtmann.net/pub/subjectAltName.txt",
"source": "secalert@redhat.com"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html",
"source": "secalert@redhat.com"
},
{
"url": "http://security.gentoo.org/glsa/glsa-200808-03.xml",
"source": "secalert@redhat.com"
},
{
"url": "http://securityreason.com/securityalert/3498",
"source": "secalert@redhat.com"
},
{
"url": "http://securitytracker.com/id?1018979",
"source": "secalert@redhat.com"
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152",
"source": "secalert@redhat.com"
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911",
"source": "secalert@redhat.com"
},
{
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484",
"source": "secalert@redhat.com"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
"source": "secalert@redhat.com"
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216",
"source": "secalert@redhat.com"
},
{
"url": "http://www.debian.org/security/2008/dsa-1607",
"source": "secalert@redhat.com"
},
{
"url": "http://www.debian.org/security/2008/dsa-1615",
"source": "secalert@redhat.com"
},
{
"url": "http://www.debian.org/security/2008/dsa-1621",
"source": "secalert@redhat.com"
},
{
"url": "http://www.debian.org/security/2009/dsa-1697",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-31.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/483929/100/100/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/483937/100/100/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/483960/100/100/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/30038",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securitytracker.com/id?1020419",
"source": "secalert@redhat.com"
},
{
"url": "http://www.ubuntu.com/usn/usn-619-1",
"source": "secalert@redhat.com"
},
{
"url": "http://www.ubuntu.com/usn/usn-629-1",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2008/1993/references",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0977",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=240261",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=327181",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=402347",
"source": "secalert@redhat.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43524",
"source": "secalert@redhat.com"
},
{
"url": "https://issues.rpath.com/browse/RPL-2646",
"source": "secalert@redhat.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html",
"source": "secalert@redhat.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink