7.5
CVE-2010-3173
- EPSS 2.41%
- Veröffentlicht 21.10.2010 19:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version <= 3.0.8
Mozilla ≫ Thunderbird Version0.1
Mozilla ≫ Thunderbird Version0.2
Mozilla ≫ Thunderbird Version0.3
Mozilla ≫ Thunderbird Version0.4
Mozilla ≫ Thunderbird Version0.5
Mozilla ≫ Thunderbird Version0.6
Mozilla ≫ Thunderbird Version0.7
Mozilla ≫ Thunderbird Version0.7.1
Mozilla ≫ Thunderbird Version0.7.2
Mozilla ≫ Thunderbird Version0.7.3
Mozilla ≫ Thunderbird Version0.8
Mozilla ≫ Thunderbird Version0.9
Mozilla ≫ Thunderbird Version1.0
Mozilla ≫ Thunderbird Version1.0.1
Mozilla ≫ Thunderbird Version1.0.2
Mozilla ≫ Thunderbird Version1.0.3
Mozilla ≫ Thunderbird Version1.0.4
Mozilla ≫ Thunderbird Version1.0.5
Mozilla ≫ Thunderbird Version1.0.6
Mozilla ≫ Thunderbird Version1.0.7
Mozilla ≫ Thunderbird Version1.0.8
Mozilla ≫ Thunderbird Version1.5
Mozilla ≫ Thunderbird Version1.5 Updatebeta2
Mozilla ≫ Thunderbird Version1.5.0.1
Mozilla ≫ Thunderbird Version1.5.0.2
Mozilla ≫ Thunderbird Version1.5.0.3
Mozilla ≫ Thunderbird Version1.5.0.4
Mozilla ≫ Thunderbird Version1.5.0.5
Mozilla ≫ Thunderbird Version1.5.0.6
Mozilla ≫ Thunderbird Version1.5.0.7
Mozilla ≫ Thunderbird Version1.5.0.8
Mozilla ≫ Thunderbird Version1.5.0.9
Mozilla ≫ Thunderbird Version1.5.0.10
Mozilla ≫ Thunderbird Version1.5.0.11
Mozilla ≫ Thunderbird Version1.5.0.12
Mozilla ≫ Thunderbird Version1.5.0.13
Mozilla ≫ Thunderbird Version1.5.0.14
Mozilla ≫ Thunderbird Version1.5.1
Mozilla ≫ Thunderbird Version1.5.2
Mozilla ≫ Thunderbird Version2.0
Mozilla ≫ Thunderbird Version2.0.0.0
Mozilla ≫ Thunderbird Version2.0.0.1
Mozilla ≫ Thunderbird Version2.0.0.2
Mozilla ≫ Thunderbird Version2.0.0.3
Mozilla ≫ Thunderbird Version2.0.0.4
Mozilla ≫ Thunderbird Version2.0.0.5
Mozilla ≫ Thunderbird Version2.0.0.6
Mozilla ≫ Thunderbird Version2.0.0.7
Mozilla ≫ Thunderbird Version2.0.0.8
Mozilla ≫ Thunderbird Version2.0.0.9
Mozilla ≫ Thunderbird Version2.0.0.12
Mozilla ≫ Thunderbird Version2.0.0.14
Mozilla ≫ Thunderbird Version2.0.0.16
Mozilla ≫ Thunderbird Version2.0.0.17
Mozilla ≫ Thunderbird Version2.0.0.18
Mozilla ≫ Thunderbird Version2.0.0.19
Mozilla ≫ Thunderbird Version2.0.0.21
Mozilla ≫ Thunderbird Version2.0.0.22
Mozilla ≫ Thunderbird Version2.0.0.23
Mozilla ≫ Thunderbird Version3.0
Mozilla ≫ Thunderbird Version3.0.1
Mozilla ≫ Thunderbird Version3.0.2
Mozilla ≫ Thunderbird Version3.0.3
Mozilla ≫ Thunderbird Version3.0.4
Mozilla ≫ Thunderbird Version3.0.5
Mozilla ≫ Thunderbird Version3.0.6
Mozilla ≫ Thunderbird Version3.0.7
Mozilla ≫ Thunderbird Version3.1
Mozilla ≫ Thunderbird Version3.1.1
Mozilla ≫ Thunderbird Version3.1.2
Mozilla ≫ Thunderbird Version3.1.3
Mozilla ≫ Thunderbird Version3.1.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.41% | 0.819 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
http://secunia.com/advisories/42867
http://www.vupen.com/english/advisories/2011/0061
http://secunia.com/advisories/41839
http://support.avaya.com/css/P8/documents/100114250
http://support.avaya.com/css/P8/documents/100120156
http://www.debian.org/security/2010/dsa-2123
http://www.mandriva.com/security/advisories?name=MDVSA-2010:210
http://www.redhat.com/support/errata/RHSA-2010-0781.html
http://www.redhat.com/support/errata/RHSA-2010-0782.html
http://www.ubuntu.com/usn/USN-1007-1
http://www.mandriva.com/security/advisories?name=MDVSA-2010:211
http://www.mozilla.org/security/announce/2010/mfsa2010-72.html
https://bugzilla.mozilla.org/show_bug.cgi?id=554354
https://bugzilla.mozilla.org/show_bug.cgi?id=583337
https://bugzilla.mozilla.org/show_bug.cgi?id=587234
https://bugzilla.mozilla.org/show_bug.cgi?id=595300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12118