CVE-2011-3640

Related Files

Mandriva Linux Security Advisory 2011-169

Posted Nov 10, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-169 - Security issues were identified and fixed in mozilla NSS, firefox and thunderbird. 22 weak 512-bit certificates issued by the DigiCert Sdn. Bhd certificate authority has been revoked from the root CA storage. Untrusted search path vulnerability in Mozilla Network Security Services might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. Cross-site scripting vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary, local, root, trojan, xss

systems | linux, mandriva

advisories | CVE-2011-3640, CVE-2011-3647, CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655

SHA-256 | 1a5863158a5fd4cd434856d62ecc7ece84182035492db44cb1f4705128b08a17

Download | Favorite | View

Debian Security Advisory 2339-1

Posted Nov 8, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2339-1 - This update to the NSS cryptographic libraries revokes the trust in the "DigiCert Sdn. Bhd" certificate authority.

tags | advisory

systems | linux, debian

advisories | CVE-2011-3640

SHA-256 | 17ceb4d0d27958d7c1219f07d766ebb9d2a0826f55687a1845ec046371292e0a

Download | Favorite | View