CVE-2010-3170

Priority
Description
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before
3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a
wildcard IP address in the subject's Common Name field of an X.509
certificate, which might allow man-in-the-middle attackers to spoof
arbitrary SSL servers via a crafted certificate issued by a legitimate
Certification Authority.
Assigned-to
chriscoulson
Notes
jdstrandreal problem but with very unlikely circumstances
needs new NSPR
Package
Source: nspr (LP Ubuntu Debian)
Upstream:released (4.8.6)
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.12.8)
More Information

Updated: 2020-01-29 19:38:54 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)