cvelistv5 - cve-2007-4879

CVE-2007-4879 (GCVE-0-2007-4879)

Vulnerability from cvelistv5

Published

2007-09-13 18:00

Modified

2024-08-07 15:08

Severity ?

CWE

Summary

Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.

References

URL	Tags
secalert@redhat.com	http://0x90.eu/ff_tls_poc.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html
secalert@redhat.com	http://secunia.com/advisories/29526	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29539	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29541	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29547	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29558	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29560	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29616	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29645	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/30327	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/30620	Vendor Advisory
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
secalert@redhat.com	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1532
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1534
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1535
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:080
secalert@redhat.com	http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/490196/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/28448
secalert@redhat.com	http://www.securitytracker.com/id?1019704
secalert@redhat.com	http://www.ubuntu.com/usn/usn-592-1
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA08-087A.html	US Government Resource
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0998/references	Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1793/references	Vendor Advisory
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=395399
af854a3a-2127-422b-91ae-364da2661108	http://0x90.eu/ff_tls_poc.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29526	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29539	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29541	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29547	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29558	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29560	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29645	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30327	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30620	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1532
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1534
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1535
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:080
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490196/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28448
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019704
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-592-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-087A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0998/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1793/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=395399

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:08:33.876Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20080327 rPSA-2008-0128-1 firefox",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
          },
          {
            "name": "29541",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29541"
          },
          {
            "name": "29539",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29539"
          },
          {
            "name": "1019704",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019704"
          },
          {
            "name": "30620",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30620"
          },
          {
            "name": "29560",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29560"
          },
          {
            "name": "DSA-1532",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1532"
          },
          {
            "name": "30327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30327"
          },
          {
            "name": "238492",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
          },
          {
            "name": "USN-592-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-592-1"
          },
          {
            "name": "29616",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29616"
          },
          {
            "name": "29645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29645"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://0x90.eu/ff_tls_poc.html"
          },
          {
            "name": "ADV-2008-1793",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1793/references"
          },
          {
            "name": "29558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29558"
          },
          {
            "name": "29526",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29526"
          },
          {
            "name": "SUSE-SA:2008:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
          },
          {
            "name": "TA08-087A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
          },
          {
            "name": "28448",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28448"
          },
          {
            "name": "DSA-1534",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1534"
          },
          {
            "name": "29547",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29547"
          },
          {
            "name": "GLSA-200805-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
          },
          {
            "name": "ADV-2008-0998",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0998/references"
          },
          {
            "name": "DSA-1535",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1535"
          },
          {
            "name": "MDVSA-2008:080",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "20080327 rPSA-2008-0128-1 firefox",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
        },
        {
          "name": "29541",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29541"
        },
        {
          "name": "29539",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29539"
        },
        {
          "name": "1019704",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019704"
        },
        {
          "name": "30620",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30620"
        },
        {
          "name": "29560",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29560"
        },
        {
          "name": "DSA-1532",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1532"
        },
        {
          "name": "30327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30327"
        },
        {
          "name": "238492",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
        },
        {
          "name": "USN-592-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-592-1"
        },
        {
          "name": "29616",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29616"
        },
        {
          "name": "29645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29645"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://0x90.eu/ff_tls_poc.html"
        },
        {
          "name": "ADV-2008-1793",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1793/references"
        },
        {
          "name": "29558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29558"
        },
        {
          "name": "29526",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29526"
        },
        {
          "name": "SUSE-SA:2008:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
        },
        {
          "name": "TA08-087A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
        },
        {
          "name": "28448",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28448"
        },
        {
          "name": "DSA-1534",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1534"
        },
        {
          "name": "29547",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29547"
        },
        {
          "name": "GLSA-200805-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
        },
        {
          "name": "ADV-2008-0998",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0998/references"
        },
        {
          "name": "DSA-1535",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1535"
        },
        {
          "name": "MDVSA-2008:080",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-4879",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080327 rPSA-2008-0128-1 firefox",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
            },
            {
              "name": "29541",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29541"
            },
            {
              "name": "29539",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29539"
            },
            {
              "name": "1019704",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019704"
            },
            {
              "name": "30620",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30620"
            },
            {
              "name": "29560",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29560"
            },
            {
              "name": "DSA-1532",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1532"
            },
            {
              "name": "30327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30327"
            },
            {
              "name": "238492",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
            },
            {
              "name": "USN-592-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-592-1"
            },
            {
              "name": "29616",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29616"
            },
            {
              "name": "29645",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29645"
            },
            {
              "name": "http://0x90.eu/ff_tls_poc.html",
              "refsource": "MISC",
              "url": "http://0x90.eu/ff_tls_poc.html"
            },
            {
              "name": "ADV-2008-1793",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1793/references"
            },
            {
              "name": "29558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29558"
            },
            {
              "name": "29526",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29526"
            },
            {
              "name": "SUSE-SA:2008:019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
            },
            {
              "name": "TA08-087A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
            },
            {
              "name": "28448",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28448"
            },
            {
              "name": "DSA-1534",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1534"
            },
            {
              "name": "29547",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29547"
            },
            {
              "name": "GLSA-200805-18",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
            },
            {
              "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
            },
            {
              "name": "ADV-2008-0998",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0998/references"
            },
            {
              "name": "DSA-1535",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1535"
            },
            {
              "name": "MDVSA-2008:080",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-4879",
    "datePublished": "2007-09-13T18:00:00",
    "dateReserved": "2007-09-13T00:00:00",
    "dateUpdated": "2024-08-07T15:08:33.876Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-4879\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2007-09-13T18:17:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.\"},{\"lang\":\"es\",\"value\":\"Mozilla Firefox anterior a Firefox versi\u00f3n 2.0.0.13, y SeaMonkey anterior a versi\u00f3n 1.1.9, pueden instalar autom\u00e1ticamente certificados de cliente TLS con una interacci\u00f3n m\u00ednima del usuario y enviar autom\u00e1ticamente estos certificados cuando se solicitan, lo que facilita que los sitios web remotos puedan realizar un seguimiento de las actividades de los usuarios en todos los dominios mediante la solicitud de los certificados de cliente TLS de otros dominios.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.0.12\",\"matchCriteriaId\":\"D70186C3-B3C9-48A7-B282-37A9AB6F7726\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C7AA88B-638A-451A-B235-A1A1444BE417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C01AD7C-8470-47AB-B8AE-670E3A381E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E43F2F1-9252-4B44-8A61-D05305915A5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB9D48B-DC7B-4D92-BB26-B6DE629A2506\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A360D595-A829-4DDE-932E-9995626917E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E9B5349-FAA7-4CDA-9533-1AD1ACDFAC4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07243837-C353-4C25-A5B1-4DA32807E97D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B832C034-F793-415F-BFC8-D97A18BA6BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83CD1A13-66CB-49CC-BD84-5D8334DB774A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C142C5-3A85-432B-80D6-2E7B1B4694F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2434FCE7-A50B-4527-9970-C7224B31141C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"5633FB6E-D623-49D4-9858-4E20E64DE458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"429ECA02-DBCD-45FB-942C-CA4BC1BC8A72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5F0DC80-5473-465C-9D7F-9589F1B78E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"567FF916-7DE0-403C-8528-7931A43E0D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"010B34F4-910E-4515-990B-8E72DF009578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A545A77-2198-4685-A87F-E0F2DAECECF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*\",\"matchCriteriaId\":\"438AACF8-006F-4522-853F-30DBBABD8C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"778FAE0C-A5CF-4B67-93A9-1A803E3E699F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7447185-7509-449D-8907-F30A42CF7EB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EDBAC37-9D08-44D1-B279-BC6ACF126CAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FFF89FA-2020-43CC-BACD-D66117B3DD26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"834BB391-5EB5-43A8-980A-D305EDAE6FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A38AD88-BAA6-4FBE-885B-69E951BD1EFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B500EE6C-99DB-49A3-A1F1-AFFD7FE28068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F2938F2-A801-45E5-8E06-BE03DE03C8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F18A45C0-419C-4723-AB7D-5880EF668CE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB88E86-6E83-4A59-9266-8B98AA91774D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"66BE50FE-EA21-4633-A181-CD35196DF06E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D6BF5B1-86D1-47FE-9D9C-735718F94874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84D15CE0-69DF-4EFD-801E-96A4D6AABEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F38886-C25A-4C6B-93E7-36461405BA99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C65D2670-F37F-48CB-804A-D35BB1C27D9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE8E5194-7B34-4802-BDA6-6A86EB5EDE05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2917BD67-CE81-4B94-B241-D4A9DDA60319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A524A94E-F19B-42B9-AA8E-171751C339AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71436CF-F756-44E0-8E69-6951F6B3E54A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"582EE839-B83F-4908-9780-D0C92DC44FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"824369CF-00A0-434E-94BC-71CA1317012C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB35099-B04E-4796-A25D-953329FE62F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DBEBCFD-80D6-466A-BAEF-C75E65A3B12E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C30ACBCA-4FA1-46DE-8F15-4830BC27E160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9453EF65-7C69-449E-BF7C-4FECFB56713E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA75825-21CF-475B-8040-126A13FA2216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA97C80E-17FA-4866-86CE-29886145ED80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DE24BED-202E-416D-B5F2-8207D97B9939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04198E04-CE1D-4A5A-A20C-D1E135B45F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717DB967-F658-4699-A224-5B261BFEC10A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3487FA64-BE04-42CA-861E-3DAC097D7D32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D956DC-C73B-439F-8D79-8239207CC76F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E2C7E7-56C0-466C-BB08-5EB43922C4F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"462E135A-5616-46CC-A9C0-5A7A0526ACC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6121F9C1-F4DF-4AAB-9E51-AC1592AA5639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58D44634-A0B5-4F05-8983-B08D392EC742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4105171B-9C90-4ABF-B220-A35E7BA9EE40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20985549-DB24-4B69-9D40-208A47AE658E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43A13026-416F-4308-8A1B-E989BD769E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"612B015E-9F96-4CE6-83E4-23848FD609E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E391619-0967-43E1-8CBC-4D54F72A85C2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.8\",\"matchCriteriaId\":\"DABC3E49-34F7-4748-B83F-6CF307230067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09E18FC0-0C8C-4FA1-85B9-B868D00F002F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A97B6E1-EABA-4977-A3FC-64DF0392AA95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6521C877-63C9-4B6E-9FC9-1263FFBB7950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D949DF0A-CBC2-40E1-AE6C-60E6F58D2481\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C5CDA57-1A50-4EDB-80E2-D3EBB44EA653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22D33486-4956-4E2C-BA16-FA269A9D02BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3104343E-93B6-4D4A-BC95-ED9F7E91FB6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"381313EF-DF84-4F66-9962-DE8F45029D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0228476-14E4-443C-BBAE-2C9CD8594DC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A803A500-DCE2-44FC-ABEB-A90A1D39D85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"022274DE-5251-49C9-B6E5-1D8CEDC34E7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F84CB7-93F7-4912-BC87-497867B96491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"8992E9C6-09B3-492E-B7DA-899D5238EC18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"D58B704B-F06E-44C1-BBD1-A090D1E6583A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40270FBD-744A-49D9-9FFA-1DCD897210D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E01097-F60A-4FB2-BA47-84A267EE87D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F65732F-317B-49A2-B9B0-FA1102B8B45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB430F19-069A-43FD-9097-586D4449D327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76AD0439-3BFB-4AD1-8E2C-99D0B099FA8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E6D7528-E591-48A6-8165-BE42F8EBF6B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA710423-0075-44B8-9DCB-6380FA974486\"}]}]}],\"references\":[{\"url\":\"http://0x90.eu/ff_tls_poc.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/29526\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29539\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29541\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29547\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29558\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29560\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29616\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29645\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30327\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30620\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1532\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1534\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1535\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:080\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mozilla.org/security/announce/2008/mfsa2008-17.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/490196/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/28448\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1019704\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/usn-592-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-087A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0998/references\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1793/references\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=395399\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://0x90.eu/ff_tls_poc.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/29526\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29547\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29616\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29645\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30620\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1532\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1534\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2008/mfsa2008-17.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/490196/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/28448\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019704\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-592-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-087A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0998/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1793/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=395399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-p6j7-wg3q-q2c3

Vulnerability from github

Published

2022-05-01 18:27

Modified

2022-05-01 18:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-4879"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-09-13T18:17:00Z",
    "severity": "MODERATE"
  },
  "details": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.",
  "id": "GHSA-p6j7-wg3q-q2c3",
  "modified": "2022-05-01T18:27:48Z",
  "published": "2022-05-01T18:27:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4879"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
    },
    {
      "type": "WEB",
      "url": "http://0x90.eu/ff_tls_poc.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29526"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29539"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29541"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29547"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29558"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29560"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29616"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29645"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30327"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30620"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1532"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1534"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1535"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28448"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019704"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-592-1"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0998/references"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1793/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2007-4879

Vulnerability from fkie_nvd

Published

2007-09-13 18:17

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://0x90.eu/ff_tls_poc.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html
secalert@redhat.com	http://secunia.com/advisories/29526	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29539	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29541	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29547	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29558	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29560	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29616	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/29645	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/30327	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/30620	Vendor Advisory
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
secalert@redhat.com	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1532
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1534
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1535
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:080
secalert@redhat.com	http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/490196/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/28448
secalert@redhat.com	http://www.securitytracker.com/id?1019704
secalert@redhat.com	http://www.ubuntu.com/usn/usn-592-1
secalert@redhat.com	http://www.us-cert.gov/cas/techalerts/TA08-087A.html	US Government Resource
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0998/references	Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1793/references	Vendor Advisory
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=395399
af854a3a-2127-422b-91ae-364da2661108	http://0x90.eu/ff_tls_poc.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29526	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29539	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29541	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29547	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29558	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29560	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29645	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30327	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30620	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1532
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1534
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1535
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:080
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490196/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28448
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019704
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-592-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-087A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0998/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1793/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=395399

Impacted products

Vendor	Product	Version
mozilla	firefox	*
mozilla	firefox	0.1
mozilla	firefox	0.2
mozilla	firefox	0.3
mozilla	firefox	0.4
mozilla	firefox	0.5
mozilla	firefox	0.6
mozilla	firefox	0.6.1
mozilla	firefox	0.7
mozilla	firefox	0.7.1
mozilla	firefox	0.8
mozilla	firefox	0.9
mozilla	firefox	0.9
mozilla	firefox	0.9.1
mozilla	firefox	0.9.2
mozilla	firefox	0.9.3
mozilla	firefox	0.10
mozilla	firefox	0.10.1
mozilla	firefox	1.0
mozilla	firefox	1.0
mozilla	firefox	1.0.1
mozilla	firefox	1.0.2
mozilla	firefox	1.0.3
mozilla	firefox	1.0.4
mozilla	firefox	1.0.5
mozilla	firefox	1.0.6
mozilla	firefox	1.0.7
mozilla	firefox	1.0.8
mozilla	firefox	1.4.1
mozilla	firefox	1.5
mozilla	firefox	1.5
mozilla	firefox	1.5
mozilla	firefox	1.5.0.1
mozilla	firefox	1.5.0.2
mozilla	firefox	1.5.0.3
mozilla	firefox	1.5.0.4
mozilla	firefox	1.5.0.5
mozilla	firefox	1.5.0.6
mozilla	firefox	1.5.0.7
mozilla	firefox	1.5.0.8
mozilla	firefox	1.5.0.9
mozilla	firefox	1.5.0.10
mozilla	firefox	1.5.0.11
mozilla	firefox	1.5.0.12
mozilla	firefox	1.5.1
mozilla	firefox	1.5.2
mozilla	firefox	1.5.3
mozilla	firefox	1.5.4
mozilla	firefox	1.5.5
mozilla	firefox	1.5.6
mozilla	firefox	1.5.7
mozilla	firefox	1.5.8
mozilla	firefox	1.8
mozilla	firefox	2.0
mozilla	firefox	2.0.0.1
mozilla	firefox	2.0.0.2
mozilla	firefox	2.0.0.3
mozilla	firefox	2.0.0.4
mozilla	firefox	2.0.0.5
mozilla	firefox	2.0.0.6
mozilla	firefox	2.0.0.7
mozilla	firefox	2.0.0.8
mozilla	firefox	2.0.0.9
mozilla	firefox	2.0.0.10
mozilla	firefox	2.0.0.11
mozilla	seamonkey	*
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0.1
mozilla	seamonkey	1.0.2
mozilla	seamonkey	1.0.3
mozilla	seamonkey	1.0.4
mozilla	seamonkey	1.0.5
mozilla	seamonkey	1.0.6
mozilla	seamonkey	1.0.7
mozilla	seamonkey	1.0.8
mozilla	seamonkey	1.0.9
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1.1
mozilla	seamonkey	1.1.2
mozilla	seamonkey	1.1.3
mozilla	seamonkey	1.1.4
mozilla	seamonkey	1.1.5
mozilla	seamonkey	1.1.6
mozilla	seamonkey	1.1.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D70186C3-B3C9-48A7-B282-37A9AB6F7726",
              "versionEndIncluding": "2.0.0.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7AA88B-638A-451A-B235-A1A1444BE417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C01AD7C-8470-47AB-B8AE-670E3A381E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E43F2F1-9252-4B44-8A61-D05305915A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB9D48B-DC7B-4D92-BB26-B6DE629A2506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A360D595-A829-4DDE-932E-9995626917E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9B5349-FAA7-4CDA-9533-1AD1ACDFAC4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07243837-C353-4C25-A5B1-4DA32807E97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B832C034-F793-415F-BFC8-D97A18BA6BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83CD1A13-66CB-49CC-BD84-5D8334DB774A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
              "matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
              "matchCriteriaId": "438AACF8-006F-4522-853F-30DBBABD8C15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18A45C0-419C-4723-AB7D-5880EF668CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "824369CF-00A0-434E-94BC-71CA1317012C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB35099-B04E-4796-A25D-953329FE62F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DBEBCFD-80D6-466A-BAEF-C75E65A3B12E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30ACBCA-4FA1-46DE-8F15-4830BC27E160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9453EF65-7C69-449E-BF7C-4FECFB56713E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA75825-21CF-475B-8040-126A13FA2216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA97C80E-17FA-4866-86CE-29886145ED80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE24BED-202E-416D-B5F2-8207D97B9939",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "04198E04-CE1D-4A5A-A20C-D1E135B45F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "717DB967-F658-4699-A224-5B261BFEC10A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DABC3E49-34F7-4748-B83F-6CF307230067",
              "versionEndIncluding": "1.1.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E18FC0-0C8C-4FA1-85B9-B868D00F002F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "4A97B6E1-EABA-4977-A3FC-64DF0392AA95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "CB01A97F-ACE1-4A99-8939-6DF8FE5B5E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6521C877-63C9-4B6E-9FC9-1263FFBB7950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D949DF0A-CBC2-40E1-AE6C-60E6F58D2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5CDA57-1A50-4EDB-80E2-D3EBB44EA653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D33486-4956-4E2C-BA16-FA269A9D02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3104343E-93B6-4D4A-BC95-ED9F7E91FB6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "381313EF-DF84-4F66-9962-DE8F45029D79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0228476-14E4-443C-BBAE-2C9CD8594DC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A803A500-DCE2-44FC-ABEB-A90A1D39D85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "022274DE-5251-49C9-B6E5-1D8CEDC34E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9F84CB7-93F7-4912-BC87-497867B96491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "8992E9C6-09B3-492E-B7DA-899D5238EC18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D58B704B-F06E-44C1-BBD1-A090D1E6583A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40270FBD-744A-49D9-9FFA-1DCD897210D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E01097-F60A-4FB2-BA47-84A267EE87D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F65732F-317B-49A2-B9B0-FA1102B8B45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB430F19-069A-43FD-9097-586D4449D327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "76AD0439-3BFB-4AD1-8E2C-99D0B099FA8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E6D7528-E591-48A6-8165-BE42F8EBF6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA710423-0075-44B8-9DCB-6380FA974486",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains."
    },
    {
      "lang": "es",
      "value": "Mozilla Firefox anterior a Firefox versi\u00f3n 2.0.0.13, y SeaMonkey anterior a versi\u00f3n 1.1.9, pueden instalar autom\u00e1ticamente certificados de cliente TLS con una interacci\u00f3n m\u00ednima del usuario y enviar autom\u00e1ticamente estos certificados cuando se solicitan, lo que facilita que los sitios web remotos puedan realizar un seguimiento de las actividades de los usuarios en todos los dominios mediante la solicitud de los certificados de cliente TLS de otros dominios."
    }
  ],
  "id": "CVE-2007-4879",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-13T18:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://0x90.eu/ff_tls_poc.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29526"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29539"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29541"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29547"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29558"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29560"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29616"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29645"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30327"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30620"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1532"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1534"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1535"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/28448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1019704"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-592-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0998/references"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1793/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://0x90.eu/ff_tls_poc.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29526"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29539"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-592-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0998/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1793/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

opensuse-su-2024:10590-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

seamonkey-2.53.9.1-1.1 on GA media

Notes

Title of the patch

seamonkey-2.53.9.1-1.1 on GA media

Description of the patch

These are all security issues fixed in the seamonkey-2.53.9.1-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-10590

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "seamonkey-2.53.9.1-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the seamonkey-2.53.9.1-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10590",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10590-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-4879 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-4879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0412 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0412/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0414 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0414/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0415 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0415/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0418 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0418/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0419 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0419/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0592 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0592/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-0593 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-0593/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-1195 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-1195/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-1233 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-1233/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-1236 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-1236/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-1238 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-1238/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-1241 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-1241/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12359 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12359/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12360 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12360/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12362 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12362/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12363 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12363/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12364 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12364/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12365 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-12366 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-12366/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5156 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5188 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5188/"
      }
    ],
    "title": "seamonkey-2.53.9.1-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10590-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "seamonkey-2.53.9.1-1.1.aarch64",
                "product": {
                  "name": "seamonkey-2.53.9.1-1.1.aarch64",
                  "product_id": "seamonkey-2.53.9.1-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
                "product": {
                  "name": "seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
                  "product_id": "seamonkey-dom-inspector-2.53.9.1-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-irc-2.53.9.1-1.1.aarch64",
                "product": {
                  "name": "seamonkey-irc-2.53.9.1-1.1.aarch64",
                  "product_id": "seamonkey-irc-2.53.9.1-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "seamonkey-2.53.9.1-1.1.ppc64le",
                "product": {
                  "name": "seamonkey-2.53.9.1-1.1.ppc64le",
                  "product_id": "seamonkey-2.53.9.1-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
                "product": {
                  "name": "seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
                  "product_id": "seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-irc-2.53.9.1-1.1.ppc64le",
                "product": {
                  "name": "seamonkey-irc-2.53.9.1-1.1.ppc64le",
                  "product_id": "seamonkey-irc-2.53.9.1-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "seamonkey-2.53.9.1-1.1.s390x",
                "product": {
                  "name": "seamonkey-2.53.9.1-1.1.s390x",
                  "product_id": "seamonkey-2.53.9.1-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
                "product": {
                  "name": "seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
                  "product_id": "seamonkey-dom-inspector-2.53.9.1-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-irc-2.53.9.1-1.1.s390x",
                "product": {
                  "name": "seamonkey-irc-2.53.9.1-1.1.s390x",
                  "product_id": "seamonkey-irc-2.53.9.1-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "seamonkey-2.53.9.1-1.1.x86_64",
                "product": {
                  "name": "seamonkey-2.53.9.1-1.1.x86_64",
                  "product_id": "seamonkey-2.53.9.1-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
                "product": {
                  "name": "seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
                  "product_id": "seamonkey-dom-inspector-2.53.9.1-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "seamonkey-irc-2.53.9.1-1.1.x86_64",
                "product": {
                  "name": "seamonkey-irc-2.53.9.1-1.1.x86_64",
                  "product_id": "seamonkey-irc-2.53.9.1-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-2.53.9.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64"
        },
        "product_reference": "seamonkey-2.53.9.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-2.53.9.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le"
        },
        "product_reference": "seamonkey-2.53.9.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-2.53.9.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x"
        },
        "product_reference": "seamonkey-2.53.9.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-2.53.9.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64"
        },
        "product_reference": "seamonkey-2.53.9.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-dom-inspector-2.53.9.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64"
        },
        "product_reference": "seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le"
        },
        "product_reference": "seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-dom-inspector-2.53.9.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x"
        },
        "product_reference": "seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-dom-inspector-2.53.9.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64"
        },
        "product_reference": "seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-irc-2.53.9.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64"
        },
        "product_reference": "seamonkey-irc-2.53.9.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-irc-2.53.9.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le"
        },
        "product_reference": "seamonkey-irc-2.53.9.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-irc-2.53.9.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x"
        },
        "product_reference": "seamonkey-irc-2.53.9.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "seamonkey-irc-2.53.9.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        },
        "product_reference": "seamonkey-irc-2.53.9.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2007-4879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-4879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-4879",
          "url": "https://www.suse.com/security/cve/CVE-2007-4879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 370353 for CVE-2007-4879",
          "url": "https://bugzilla.suse.com/370353"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2007-4879"
    },
    {
      "cve": "CVE-2008-0412",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0412"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0412",
          "url": "https://www.suse.com/security/cve/CVE-2008-0412"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0412",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-0412"
    },
    {
      "cve": "CVE-2008-0414",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0414"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka \"focus spoofing.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0414",
          "url": "https://www.suse.com/security/cve/CVE-2008-0414"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0414",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0414"
    },
    {
      "cve": "CVE-2008-0415",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0415"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka \"JavaScript privilege escalation bugs.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0415",
          "url": "https://www.suse.com/security/cve/CVE-2008-0415"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0415",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0415"
    },
    {
      "cve": "CVE-2008-0418",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0418"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using \"flat\" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing session information from sessionstore.js.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0418",
          "url": "https://www.suse.com/security/cve/CVE-2008-0418"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0418",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0418"
    },
    {
      "cve": "CVE-2008-0419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0419",
          "url": "https://www.suse.com/security/cve/CVE-2008-0419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0419",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-0419"
    },
    {
      "cve": "CVE-2008-0592",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0592"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a \"Content-Disposition: attachment\" and an invalid \"Content-Type: plain/text,\" which prevents Firefox from rendering future plain text files within the browser.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0592",
          "url": "https://www.suse.com/security/cve/CVE-2008-0592"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0592",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0592"
    },
    {
      "cve": "CVE-2008-0593",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-0593"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-0593",
          "url": "https://www.suse.com/security/cve/CVE-2008-0593"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 354469 for CVE-2008-0593",
          "url": "https://bugzilla.suse.com/354469"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-0593"
    },
    {
      "cve": "CVE-2008-1195",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-1195"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-1195",
          "url": "https://www.suse.com/security/cve/CVE-2008-1195"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 368134 for CVE-2008-1195",
          "url": "https://bugzilla.suse.com/368134"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 370353 for CVE-2008-1195",
          "url": "https://bugzilla.suse.com/370353"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 379038 for CVE-2008-1195",
          "url": "https://bugzilla.suse.com/379038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 404983 for CVE-2008-1195",
          "url": "https://bugzilla.suse.com/404983"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2008-1195"
    },
    {
      "cve": "CVE-2008-1233",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-1233"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via \"XPCNativeWrapper pollution.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-1233",
          "url": "https://www.suse.com/security/cve/CVE-2008-1233"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 370353 for CVE-2008-1233",
          "url": "https://bugzilla.suse.com/370353"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-1233"
    },
    {
      "cve": "CVE-2008-1236",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-1236"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-1236",
          "url": "https://www.suse.com/security/cve/CVE-2008-1236"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 370353 for CVE-2008-1236",
          "url": "https://bugzilla.suse.com/370353"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-1236"
    },
    {
      "cve": "CVE-2008-1238",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-1238"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-1238",
          "url": "https://www.suse.com/security/cve/CVE-2008-1238"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 370353 for CVE-2008-1238",
          "url": "https://bugzilla.suse.com/370353"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-1238"
    },
    {
      "cve": "CVE-2008-1241",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-1241"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-1241",
          "url": "https://www.suse.com/security/cve/CVE-2008-1241"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 370353 for CVE-2008-1241",
          "url": "https://bugzilla.suse.com/370353"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-1241"
    },
    {
      "cve": "CVE-2018-12359",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12359"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12359",
          "url": "https://www.suse.com/security/cve/CVE-2018-12359"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12359",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12359"
    },
    {
      "cve": "CVE-2018-12360",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12360"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12360",
          "url": "https://www.suse.com/security/cve/CVE-2018-12360"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12360",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12360"
    },
    {
      "cve": "CVE-2018-12362",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12362"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12362",
          "url": "https://www.suse.com/security/cve/CVE-2018-12362"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12362",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12362"
    },
    {
      "cve": "CVE-2018-12363",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12363"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12363",
          "url": "https://www.suse.com/security/cve/CVE-2018-12363"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12363",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12363"
    },
    {
      "cve": "CVE-2018-12364",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12364"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12364",
          "url": "https://www.suse.com/security/cve/CVE-2018-12364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12364",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12364"
    },
    {
      "cve": "CVE-2018-12365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12365",
          "url": "https://www.suse.com/security/cve/CVE-2018-12365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12365",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12365"
    },
    {
      "cve": "CVE-2018-12366",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-12366"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-12366",
          "url": "https://www.suse.com/security/cve/CVE-2018-12366"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-12366",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-12366"
    },
    {
      "cve": "CVE-2018-5156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 60, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5156",
          "url": "https://www.suse.com/security/cve/CVE-2018-5156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-5156",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5156"
    },
    {
      "cve": "CVE-2018-5188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 60, Thunderbird \u003c 52.9, Firefox ESR \u003c 60.1, Firefox ESR \u003c 52.9, and Firefox \u003c 61.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
          "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5188",
          "url": "https://www.suse.com/security/cve/CVE-2018-5188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1098998 for CVE-2018-5188",
          "url": "https://bugzilla.suse.com/1098998"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-dom-inspector-2.53.9.1-1.1.x86_64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.aarch64",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.ppc64le",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.s390x",
            "openSUSE Tumbleweed:seamonkey-irc-2.53.9.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5188"
    }
  ]
}

gsd-2007-4879

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-4879

Aliases

CVE-2007-4879

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-4879",
    "description": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.",
    "id": "GSD-2007-4879",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-4879.html",
      "https://www.debian.org/security/2008/dsa-1535",
      "https://www.debian.org/security/2008/dsa-1534",
      "https://www.debian.org/security/2008/dsa-1532"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-4879"
      ],
      "details": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.",
      "id": "GSD-2007-4879",
      "modified": "2023-12-13T01:21:37.221136Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-4879",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20080327 rPSA-2008-0128-1 firefox",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
          },
          {
            "name": "29541",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29541"
          },
          {
            "name": "29539",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29539"
          },
          {
            "name": "1019704",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019704"
          },
          {
            "name": "30620",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30620"
          },
          {
            "name": "29560",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29560"
          },
          {
            "name": "DSA-1532",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1532"
          },
          {
            "name": "30327",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30327"
          },
          {
            "name": "238492",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
          },
          {
            "name": "USN-592-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-592-1"
          },
          {
            "name": "29616",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29616"
          },
          {
            "name": "29645",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29645"
          },
          {
            "name": "http://0x90.eu/ff_tls_poc.html",
            "refsource": "MISC",
            "url": "http://0x90.eu/ff_tls_poc.html"
          },
          {
            "name": "ADV-2008-1793",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1793/references"
          },
          {
            "name": "29558",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29558"
          },
          {
            "name": "29526",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29526"
          },
          {
            "name": "SUSE-SA:2008:019",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
          },
          {
            "name": "TA08-087A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html",
            "refsource": "CONFIRM",
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
          },
          {
            "name": "28448",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28448"
          },
          {
            "name": "DSA-1534",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1534"
          },
          {
            "name": "29547",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29547"
          },
          {
            "name": "GLSA-200805-18",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
          },
          {
            "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128",
            "refsource": "CONFIRM",
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
          },
          {
            "name": "ADV-2008-0998",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0998/references"
          },
          {
            "name": "DSA-1535",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2008/dsa-1535"
          },
          {
            "name": "MDVSA-2008:080",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0.0.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.1.8",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-4879"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://0x90.eu/ff_tls_poc.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://0x90.eu/ff_tls_poc.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html"
            },
            {
              "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
            },
            {
              "name": "DSA-1532",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1532"
            },
            {
              "name": "1019704",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019704"
            },
            {
              "name": "29560",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29560"
            },
            {
              "name": "DSA-1534",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1534"
            },
            {
              "name": "DSA-1535",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1535"
            },
            {
              "name": "MDVSA-2008:080",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
            },
            {
              "name": "USN-592-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-592-1"
            },
            {
              "name": "TA08-087A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
            },
            {
              "name": "28448",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/28448"
            },
            {
              "name": "29539",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29539"
            },
            {
              "name": "29558",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29558"
            },
            {
              "name": "29616",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29616"
            },
            {
              "name": "29526",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29526"
            },
            {
              "name": "29541",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29541"
            },
            {
              "name": "29547",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29547"
            },
            {
              "name": "SUSE-SA:2008:019",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
            },
            {
              "name": "29645",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29645"
            },
            {
              "name": "30327",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30327"
            },
            {
              "name": "GLSA-200805-18",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
            },
            {
              "name": "238492",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
            },
            {
              "name": "30620",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30620"
            },
            {
              "name": "ADV-2008-0998",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0998/references"
            },
            {
              "name": "ADV-2008-1793",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1793/references"
            },
            {
              "name": "20080327 rPSA-2008-0128-1 firefox",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2007-09-13T18:17Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-4879 (GCVE-0-2007-4879)

Vulnerability from cvelistv5

ghsa-p6j7-wg3q-q2c3

Vulnerability from github

fkie_cve-2007-4879

Vulnerability from fkie_nvd

opensuse-su-2024:10590-1

Vulnerability from csaf_opensuse

gsd-2007-4879

Vulnerability from gsd

Tags

Sightings

Nomenclature