QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-2809

Back to search

CVE-2008-2809

Published: Jul 8, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.

VendorProductVersions

n/a

n/a

affected
n/a

References

SUSE-SA:2008:034
vendor-advisory
x_refsource_SUSE
RHSA-2008:0549
vendor-advisory
x_refsource_REDHAT
DSA-1697
vendor-advisory
x_refsource_DEBIAN
31021
third-party-advisory
x_refsource_SECUNIA
30898
third-party-advisory
x_refsource_SECUNIA
31403
third-party-advisory
x_refsource_SECUNIA
30949
third-party-advisory
x_refsource_SECUNIA
SSA:2008-191-03
vendor-advisory
x_refsource_SLACKWARE
ADV-2009-0977
vdb-entry
x_refsource_VUPEN
31069
third-party-advisory
x_refsource_SECUNIA
31008
third-party-advisory
x_refsource_SECUNIA
31377
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0616
vendor-advisory
x_refsource_REDHAT
3498
third-party-advisory
x_refsource_SREASON
ADV-2008-1993
vdb-entry
x_refsource_VUPEN
31023
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:155
vendor-advisory
x_refsource_MANDRIVA
30038
vdb-entry
x_refsource_BID
DSA-1607
vendor-advisory
x_refsource_DEBIAN
GLSA-200808-03
vendor-advisory
x_refsource_GENTOO
31005
third-party-advisory
x_refsource_SECUNIA
33433
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6127
vendor-advisory
x_refsource_FEDORA
1020419
vdb-entry
x_refsource_SECTRACK
31253
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6737
vendor-advisory
x_refsource_FEDORA
31183
third-party-advisory
x_refsource_SECUNIA
30903
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0547
vendor-advisory
x_refsource_REDHAT
FEDORA-2008-6193
vendor-advisory
x_refsource_FEDORA
USN-629-1
vendor-advisory
x_refsource_UBUNTU
256408
vendor-advisory
x_refsource_SUNALERT
SSA:2008-191
vendor-advisory
x_refsource_SLACKWARE
SSA:2008-210-05
vendor-advisory
x_refsource_SLACKWARE
DSA-1615
vendor-advisory
x_refsource_DEBIAN
FEDORA-2008-6706
vendor-advisory
x_refsource_FEDORA
31220
third-party-advisory
x_refsource_SECUNIA
31195
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10205
vdb-entry
signature
x_refsource_OVAL
31076
third-party-advisory
x_refsource_SECUNIA
USN-619-1
vendor-advisory
x_refsource_UBUNTU
30911
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0569
vendor-advisory
x_refsource_REDHAT
30878
third-party-advisory
x_refsource_SECUNIA
DSA-1621
vendor-advisory
x_refsource_DEBIAN
20080708 rPSA-2008-0216-1 firefox
mailing-list
x_refsource_BUGTRAQ
1018979
vdb-entry
x_refsource_SECTRACK
mozilla-altnames-spoofing(43524)
vdb-entry
x_refsource_XF
31286
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6196
vendor-advisory
x_refsource_FEDORA
34501
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:136
vendor-advisory
x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now