9.8

CVE-2009-3555

Exploit
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheHTTP Server Version <= 2.2.14
GnuGnutls Version <= 2.8.5
MozillaNss Version <= 3.12.4
OpenSSLOpenSSL Version <= 0.9.8k
OpenSSLOpenSSL Version1.0 Editionopenvms
CanonicalUbuntu Linux Version8.04 SwEditionlts
CanonicalUbuntu Linux Version8.10
CanonicalUbuntu Linux Version9.04
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version10.10
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
FedoraprojectFedora Version11
FedoraprojectFedora Version12
FedoraprojectFedora Version13
FedoraprojectFedora Version14
F5Nginx Version >= 0.1.0 <= 0.8.22
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 87.26% 0.997
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:N/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

CWE-300 Channel Accessible by Non-Endpoint

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

http://marc.info/?l=bugtraq&m=130497311408250&w=2
Third Party Advisory
http://secunia.com/advisories/41818
Third Party Advisory
https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
http://secunia.com/advisories/44183
Third Party Advisory
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Third Party Advisory
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
Third Party Advisory
http://secunia.com/advisories/42724
Third Party Advisory
http://secunia.com/advisories/42733
Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA50
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
Third Party Advisory
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Third Party Advisory
http://secunia.com/advisories/40545
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1793
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1107
Third Party Advisory
http://marc.info/?l=bugtraq&m=133469267822771&w=2
Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//May/msg00001.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/39819
Third Party Advisory
http://support.apple.com/kb/HT4171
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1191
Third Party Advisory
http://secunia.com/advisories/42467
Third Party Advisory
http://www.securityfocus.com/archive/1/515055/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2010-0019.html
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3126
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200912-01.xml
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
Third Party Advisory
http://secunia.com/advisories/39317
Third Party Advisory
http://secunia.com/advisories/37504
Third Party Advisory
http://www.ingate.com/Relnote.php?ver=481
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3354
Third Party Advisory
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/38241
Third Party Advisory
http://support.apple.com/kb/HT4004
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0173
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:084
Broken Link
http://wiki.rpath.com/Advisories:rPSA-2009-0155
Third Party Advisory
http://www.debian.org/security/2009/dsa-1934
Third Party Advisory
http://www.securityfocus.com/archive/1/508075/100/0/threaded
Third Party Advisory
VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21426108
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21432298
Third Party Advisory
http://marc.info/?l=bugtraq&m=134254866602253&w=2
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html
Broken Link
http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
Third Party Advisory
http://blogs.iss.net/archive/sslmitmiscsrf.html
Broken Link
http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during
Third Party Advisory
http://clicky.me/tlsvuln
Third Party Advisory
Exploit
http://extendedsubset.com/?p=8
Broken Link
http://extendedsubset.com/Renegotiating_TLS.pdf
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041
Broken Link
http://kbase.redhat.com/faq/docs/DOC-20491
Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//May/msg00002.html
Third Party Advisory
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html
Third Party Advisory
http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
Third Party Advisory
http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=126150535619567&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=127128920008563&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=127419602507642&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=127557596201693&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=132077688910227&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=142660345230545&w=2
Third Party Advisory
http://marc.info/?l=cryptography&m=125752275331877&w=2
Third Party Advisory
http://openbsd.org/errata45.html#010_openssl
Third Party Advisory
http://openbsd.org/errata46.html#004_openssl
Third Party Advisory
http://osvdb.org/60521
Broken Link
http://osvdb.org/60972
Broken Link
http://osvdb.org/62210
Broken Link
http://osvdb.org/65202
Broken Link
http://seclists.org/fulldisclosure/2009/Nov/139
Third Party Advisory
Mailing List
http://secunia.com/advisories/37291
Third Party Advisory
http://secunia.com/advisories/37292
Third Party Advisory
http://secunia.com/advisories/37320
Third Party Advisory
http://secunia.com/advisories/37383
Third Party Advisory
http://secunia.com/advisories/37399
Third Party Advisory
http://secunia.com/advisories/37453
Third Party Advisory
http://secunia.com/advisories/37501
Third Party Advisory
http://secunia.com/advisories/37604
Third Party Advisory
http://secunia.com/advisories/37640
Third Party Advisory
http://secunia.com/advisories/37656
Third Party Advisory
http://secunia.com/advisories/37675
Third Party Advisory
http://secunia.com/advisories/37859
Third Party Advisory
http://secunia.com/advisories/38003
Third Party Advisory
http://secunia.com/advisories/38020
Third Party Advisory
http://secunia.com/advisories/38056
Third Party Advisory
http://secunia.com/advisories/38484
Third Party Advisory
http://secunia.com/advisories/38687
Third Party Advisory
http://secunia.com/advisories/38781
Third Party Advisory
http://secunia.com/advisories/39127
Third Party Advisory
http://secunia.com/advisories/39136
Third Party Advisory
http://secunia.com/advisories/39242
Third Party Advisory
http://secunia.com/advisories/39243
Third Party Advisory
http://secunia.com/advisories/39278
Third Party Advisory
http://secunia.com/advisories/39292
Third Party Advisory
http://secunia.com/advisories/39461
Third Party Advisory
http://secunia.com/advisories/39500
Third Party Advisory
http://secunia.com/advisories/39628
Third Party Advisory
http://secunia.com/advisories/39632
Third Party Advisory
http://secunia.com/advisories/39713
Third Party Advisory
http://secunia.com/advisories/40070
Third Party Advisory
http://secunia.com/advisories/40747
Third Party Advisory
http://secunia.com/advisories/40866
Third Party Advisory
http://secunia.com/advisories/41480
Third Party Advisory
http://secunia.com/advisories/41490
Third Party Advisory
http://secunia.com/advisories/41967
Third Party Advisory
http://secunia.com/advisories/41972
Third Party Advisory
http://secunia.com/advisories/42377
Third Party Advisory
http://secunia.com/advisories/42379
Third Party Advisory
http://secunia.com/advisories/42808
Third Party Advisory
http://secunia.com/advisories/42811
Third Party Advisory
http://secunia.com/advisories/42816
Third Party Advisory
http://secunia.com/advisories/43308
Third Party Advisory
http://secunia.com/advisories/44954
Third Party Advisory
http://secunia.com/advisories/48577
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201203-22.xml
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201406-32.xml
Third Party Advisory
http://securitytracker.com/id?1023148
Third Party Advisory
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1
Broken Link
http://support.apple.com/kb/HT4170
Third Party Advisory
http://support.avaya.com/css/P8/documents/100070150
Third Party Advisory
http://support.avaya.com/css/P8/documents/100081611
Third Party Advisory
http://support.avaya.com/css/P8/documents/100114315
Third Party Advisory
http://support.avaya.com/css/P8/documents/100114327
Third Party Advisory
http://support.citrix.com/article/CTX123359
Third Party Advisory
http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES
Broken Link
http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released
Broken Link
http://sysoev.ru/nginx/patch.cve-2009-3555.txt
Broken Link
http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html
Broken Link
http://ubuntu.com/usn/usn-923-1
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24006386
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24025312
Third Party Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only
Third Party Advisory
http://www.arubanetworks.com/support/alerts/aid-020810.txt
Broken Link
http://www.betanews.com/article/1257452450
Third Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml
Third Party Advisory
http://www.debian.org/security/2011/dsa-2141
Third Party Advisory
http://www.debian.org/security/2015/dsa-3253
Third Party Advisory
http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
Third Party Advisory
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html
Third Party Advisory
http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
Third Party Advisory
http://www.ietf.org/mail-archive/web/tls/current/msg03948.html
Third Party Advisory
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
Third Party Advisory
http://www.kb.cert.org/vuls/id/120541
Third Party Advisory
US Government Resource
http://www.links.org/?p=780
Third Party Advisory
http://www.links.org/?p=786
Third Party Advisory
http://www.links.org/?p=789
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:076
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:089
Broken Link
http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
Third Party Advisory
http://www.openoffice.org/security/cves/CVE-2009-3555.html
Third Party Advisory
http://www.openssl.org/news/secadv_20091111.txt
Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/11/05/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2009/11/05/5
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2009/11/06/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2009/11/07/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2009/11/20/1
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2009/11/23/10
Third Party Advisory
Mailing List
http://www.opera.com/docs/changelogs/unix/1060/
Third Party Advisory
http://www.opera.com/support/search/view/944/
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Third Party Advisory
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0119.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0130.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0155.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0165.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0167.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0337.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0338.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0339.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0768.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0770.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0786.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0807.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0865.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0986.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0987.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-0880.html
Third Party Advisory
http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html
Third Party Advisory
http://www.securityfocus.com/archive/1/507952/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/508130/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/522176
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/36935
Patch
Third Party Advisory
Exploit
VDB Entry
http://www.securitytracker.com/id?1023163
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023204
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023205
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023206
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023207
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023208
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023209
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023210
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023211
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023212
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023213
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023214
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023215
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023216
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023217
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023218
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023219
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023224
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023243
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023270
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023271
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023272
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023273
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023274
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023275
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023411
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023426
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023427
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1023428
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1024789
Third Party Advisory
VDB Entry
http://www.tombom.co.uk/blog/?p=85
Broken Link
http://www.ubuntu.com/usn/USN-1010-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-927-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-927-4
Third Party Advisory
http://www.ubuntu.com/usn/USN-927-5
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA10-222A.html
Third Party Advisory
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA10-287A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2009/3164
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3165
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3205
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3220
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3310
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3313
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3353
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3484
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3521
Third Party Advisory
http://www.vupen.com/english/advisories/2009/3587
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0086
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0748
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0848
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0916
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0933
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0982
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0994
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1054
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1350
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1639
Third Party Advisory
http://www.vupen.com/english/advisories/2010/1673
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2010
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2745
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3069
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3086
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0032
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0033
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0086
Third Party Advisory
http://xss.cx/examples/plesk-reports/plesk-parallels-controlpanel-psa.v.10.3.1_build1013110726.09%20os_redhat.el6-billing-system-plugin-javascript-injection-example-poc-report.html
Third Party Advisory
Exploit
https://bugzilla.mozilla.org/show_bug.cgi?id=526689
Third Party Advisory
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=545755
Third Party Advisory
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=533125
Third Party Advisory
Issue Tracking
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54158
Third Party Advisory
VDB Entry
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
Third Party Advisory
https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10088
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11578
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11617
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7315
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7478
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7973
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8366
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8535
Third Party Advisory
https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html
Third Party Advisory
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html
Third Party Advisory
https://www.exploit-db.com/exploits/10579