Oval Definition:oval:org.mitre.oval:def:12118
Revision Date:2014-10-06Version:35
Title:Vulnerability in SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9
Description:The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-3173
Platform(s):Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Definition Synopsis
  • Mozilla Firefox and version before 3.5.14 and 3.6.x before 3.6.11
  • Mozilla Firefox Mainline release is installed
  • AND Check for vulnerable version
  • Mozilla Firefox Mainline version is before 3.5.14
  • OR Mozilla Firefox Mainline version is 3.6.x before 3.6.11
  • OR Mozilla Thunderbird and version before 3.0.9 and 3.1.x before 3.1.5
  • Mozilla Thunderbird Mainline release is installed
  • AND Thunderbird version is less than 3.0.9 or 3.1.x before 3.1.5
  • Check if Mozilla Thunderbird version is before 3.0.9
  • OR Check if Mozilla Thunderbird version is 3.1.x before 3.1.5
  • OR Mozilla Seamonkey and version less than 2.0.9
  • Mozilla Seamonkey is installed
  • AND Check if the version of Mozilla Seamonkey is less than 2.0.9
    • BACK