VARIoT IoT vulnerabilities database

WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory. Apple Mac OS X is prone a local privilege-escalation vulnerability. Attackers can exploit this issue to execute arbitrary code with superuser privileges. MAC OS X Server versions 10.7 through 10.7.2 are vulnerable. NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it

Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. This vulnerability CVE-2010-1803 Is a different vulnerability.If a third party impersonates the storage object, important information may be obtained. Apple Mac OS X is prone to a security bypass vulnerability. An attacker can exploit this issue to gain unauthorized access to new backups created by the user's system. The following products are vulnerable: Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it

The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted program. Apple Mac OS X is prone to multiple memory-corruption vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the affected application. The following products are vulnerable: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. The vulnerability stems from the fact that the OpenGL implementation does not correctly execute the OpenGL Shading Language (also known as GLSL) compilation. corruption or application crash)

Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw occurs when parsing a movie file containing multiple atoms with a different string length. When resizing a buffer in order to make space for the string, the application will forget to include the null-terminator. When the application attempts to null-terminate the string, an out-of-bounds write will occur. If an aggressor can place the a useful heap buffer contiguous to the reallocated string, this can lead to code execution under the context of the applicaiton. Apple Mac OS X is prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. The following products are vulnerable: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-15-1 QuickTime 7.7.2 QuickTime 7.7.2 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple stack overflows existed in QuickTime's handling of TeXML files. CVE-ID CVE-2012-0663 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap overflow existed in QuickTime's handling of text tracks. CVE-ID CVE-2012-0664 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of H.264 encoded movie files. CVE-ID CVE-2012-0665 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of MP4 encoded files. CVE-ID CVE-2011-3459 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file during progressive download may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of audio sample tables. CVE-ID CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of MPEG files. CVE-ID CVE-2012-0659 : An anonymous researcher working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the QuickTime plugin's handling of QTMovie objects. CVE-ID CVE-2012-0666 : CHkr_D591 working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PNG files. CVE-ID CVE-2011-3460 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of QTVR movie files. CVE-ID CVE-2012-0667 : Alin Rad Pop working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of JPEG2000 encoded movie files. CVE-ID CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of RLE encoded movie files. CVE-ID CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of Sorenson encoded movie files. CVE-ID CVE-2012-0669 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in QuickTime's handling of sean atoms. CVE-ID CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .pict files. CVE-ID CVE-2012-0265 : Tielei Wang of Georgia Tech Information Security Center via Secunia SVCRP QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer underflow existed in QuickTime's handling of audio streams in MPEG files. CVE-ID CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability Research (MSVR) QuickTime 7.7.2 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ The download file is named: "QuickTimeInstaller.exe" Its SHA-1 digest is: ed569d62b3f8c24ac8e9aec7275f17cbb14d2124 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJPsobhAAoJEPefwLHPlZEwk/sP/0C8iXVhnG481GbA03CMhKXJ XDooIlCG6YeoeJxGfri/vqlzqcHe3R90K6R89z1dKGU2bWGvtITh95E+WKll++7F hHYq6YC+r/o1cP1SjBi6A3swhN57m1nQZRIEnnIm+nBSxaiHA6xdRSUaK4ighLSA jbOVfu/6NPuGSlgWBPKSISDY2FhL0GH0QVLW/piVtMTrxhizlE7dgieipAPoVvRC SW2W0te7ujo2X167f2GS8EwplUkj/yVeScdr/6HjLkAXIQ1B9RNqTeOdyQZjTxay 32xhZTQ+JfSQzY6VSGoF0bqlK39u5UyzySIKS446OxclYI6xGKSFvTN3nBUwERd+ W+E/4k3Ry4OYEkgZ5yltXO8bJvGZtmpLOkq94Vb4w7EaEgJ452J/YjqCEEbmtAKM 0W9g1jt5av5Hv+vQ7rufR1tJ6CqkIDDr0f3qY+W/F8ZtdA8Bkvm9568d3L1Vlbai zy89w39Z1RTPMLccZEhtd+80f75P+R3n88X5czjXYignrUJbxhM/S8meqQB5GUB9 nJvZtWB1wlACHJ/EKUTv6miK20XE1OukRyvW0o7WWplqBj5KFWvRcV0tovfybGY9 EKwmao4Hwmq+ovJBFLZj/TV6MMxsJjS9qVea/yOlzZCy+6dwok38yyMAqy+m2dLT X2aq0dgzK7qjPx0FRyOx =BPXs -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Correcting Subject line - -----Original Message----- From: ZDI Disclosures Sent: Wednesday, June 27, 2012 10:38 AM To: 'full-disclosure@lists.grok.org.uk'; 'bugtraq@securityfocus.com' Cc: ZDI Disclosures Subject: -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-103 : Apple Quicktime Dataref URI Buffer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-103 June 27, 2012 - - -- CVE ID: CVE-2011-3459 - - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - - -- Affected Vendors: Apple - - -- Affected Products: Apple QuickTime - - -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12408. - - -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT5130 - - -- Disclosure Timeline: 2011-10-21 - Vulnerability reported to vendor 2012-06-27 - Coordinated public release of advisory - - -- Credit: This vulnerability was discovered by: * Luigi Auriemma - - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi - -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsBVAwUBT+sou1VtgMGTo1scAQJtMwf/cQbE0UHH4NLwqZqCZtM+xSRUQWx886Zq qWyDLry4OBRipUO7tRaIGhdfhlljNdX3DjBGxhN/kBCFdgh0nZ+3mxRW7a+UNV4x gRHIX/R3lB2YCAdYu2gH3iJ+449ghVUnz2UkoBbXQ/+BSrMnxFL0ACsZ3Y4MhGyb PX0Ug0fg6rMoZin6bSrLqwOO9ZPg7LwIYPnSwrxVqE5cyZm0BAhNRL2Htqrt2iN8 v6rdNQL+jzkdjCukZSLeRUydUDGEZgEFIQux+JPExbFAXXSzKgYg3KZdLBoR6M0I ogwZqcx7prVreccUT+uijkJv2a4HzmGO3C8DCA1WvDlt4jhb0zth7Q== =8k52 - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsBVAwUBT+so8VVtgMGTo1scAQKi0AgAkjzzRXPDqsEMM3LeMsdSACIBskh9+1B/ spQ7/8QrTgL8yKxuwPmlmwrCxiHQhaQBtvSeLoELv6yFcpn+jjxSSQmAwCSm3I2Q g4VX23nslG+5jPHS4TXAQ1FdbxjfJSqaZ/uvHd635nVjUBA1ilbeprpT5Uxu7Kw7 lR6NkC1plR/1jV5CTPJ5MoGQpkt5QNdViwFld+HAiK+aIk0SLGYnB6T64QRn+CWv a8sc2CMn6rOYy4djFOijOedsTbhQoEzljWLExVDYPeARFn3rjRbr/mfOWlIlHE5u g5aZD1uGK8wlLm1kLSrh7TU3i9JKZanKro9zccJbbZnnRii8q5g5kw== =b4Mq -----END PGP SIGNATURE-----

QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within how the application parses a header containing codec-specific data. When handling an error case, the application will forget to initialize a pointer which will later be used in a memory operation. This can lead to code execution under the context of the application. Apple Mac OS X is prone to a remote code-execution vulnerability. Failed exploit attempts will result in a denial-of-service condition. The following products are vulnerable: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. - -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT1222 - -- Disclosure Timeline: 2011-10-21 - Vulnerability reported to vendor 2012-08-03 - Coordinated public release of advisory - -- Credit: This vulnerability was discovered by: * Luigi Auriemma * pa_kt / twitter.com/pa_kt / e1c14ba6 - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsBVAwUBUBwq1FVtgMGTo1scAQLLhQf+Iorsy2Bs4oNOD3aHooXgTpiWxfqEjWBe UZXlPFpe4k8oOIZI6Dqt9hEZlvRELXCgIvcbQq5HMDviszmu39H+z+4Dl5bgzzFX edTpZEvI2L1TYdqplxhaT+x5qNwY3ezaSm2gRcE8fCHsSyTrLWWDFhOu+1zAZmXb wa957fwQedLDAgBH6dxEMhQd6wp8W8LGHNirwKgfKSDLBwjN0u7MDP9rK6uRvLts Vv3z8GApNmY/1cuBjivf4eRHQGZbTTpLg6tDc31OEhfCT3sf+fkQvCT5zmHkujoq NzkGpDWgzDt1q+2whej02233e6hAYh7tIKMQFrV3NvItPHGx3s3LeQ== =iQAP -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-15-1 QuickTime 7.7.2 QuickTime 7.7.2 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple stack overflows existed in QuickTime's handling of TeXML files. CVE-ID CVE-2012-0663 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap overflow existed in QuickTime's handling of text tracks. CVE-ID CVE-2012-0664 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of H.264 encoded movie files. CVE-ID CVE-2011-3458 : Luigi Auriemma and pa_kt both working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. CVE-ID CVE-2011-3459 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file during progressive download may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of audio sample tables. CVE-ID CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of MPEG files. CVE-ID CVE-2012-0659 : An anonymous researcher working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the QuickTime plugin's handling of QTMovie objects. CVE-ID CVE-2012-0666 : CHkr_D591 working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PNG files. CVE-ID CVE-2011-3460 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of QTVR movie files. CVE-ID CVE-2012-0667 : Alin Rad Pop working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of JPEG2000 encoded movie files. CVE-ID CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of RLE encoded movie files. CVE-ID CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of Sorenson encoded movie files. CVE-ID CVE-2012-0669 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in QuickTime's handling of sean atoms. CVE-ID CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .pict files. CVE-ID CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the Qualys Vulnerability & Malware Research Labs (VMRL) QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a file in a maliciously crafted path may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in QuickTime's handling of file paths. CVE-ID CVE-2012-0265 : Tielei Wang of Georgia Tech Information Security Center via Secunia SVCRP QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer underflow existed in QuickTime's handling of audio streams in MPEG files. CVE-ID CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability Research (MSVR) QuickTime 7.7.2 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ The download file is named: "QuickTimeInstaller.exe" Its SHA-1 digest is: ed569d62b3f8c24ac8e9aec7275f17cbb14d2124 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJPsobhAAoJEPefwLHPlZEwk/sP/0C8iXVhnG481GbA03CMhKXJ XDooIlCG6YeoeJxGfri/vqlzqcHe3R90K6R89z1dKGU2bWGvtITh95E+WKll++7F hHYq6YC+r/o1cP1SjBi6A3swhN57m1nQZRIEnnIm+nBSxaiHA6xdRSUaK4ighLSA jbOVfu/6NPuGSlgWBPKSISDY2FhL0GH0QVLW/piVtMTrxhizlE7dgieipAPoVvRC SW2W0te7ujo2X167f2GS8EwplUkj/yVeScdr/6HjLkAXIQ1B9RNqTeOdyQZjTxay 32xhZTQ+JfSQzY6VSGoF0bqlK39u5UyzySIKS446OxclYI6xGKSFvTN3nBUwERd+ W+E/4k3Ry4OYEkgZ5yltXO8bJvGZtmpLOkq94Vb4w7EaEgJ452J/YjqCEEbmtAKM 0W9g1jt5av5Hv+vQ7rufR1tJ6CqkIDDr0f3qY+W/F8ZtdA8Bkvm9568d3L1Vlbai zy89w39Z1RTPMLccZEhtd+80f75P+R3n88X5czjXYignrUJbxhM/S8meqQB5GUB9 nJvZtWB1wlACHJ/EKUTv6miK20XE1OukRyvW0o7WWplqBj5KFWvRcV0tovfybGY9 EKwmao4Hwmq+ovJBFLZj/TV6MMxsJjS9qVea/yOlzZCy+6dwok38yyMAqy+m2dLT X2aq0dgzK7qjPx0FRyOx =BPXs -----END PGP SIGNATURE-----

Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AppleQuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw occurs when the application allocates space for decoding a video sample encoded with the .png format. When calculating space for this surface, the application will explicitly trust the bit-depth within the MediaVideo header. During the decoding process, the application will write outside the surface's boundaries. This can be leveraged to allow for one to earn code execution under the context of the application. Apple Mac OS X is prone to a buffer-overflow vulnerability. Failed exploit attempts will likely result in a denial-of-service condition. The following versions are affected: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. - -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT5130 - -- Disclosure Timeline: 2011-10-21 - Vulnerability reported to vendor 2012-04-09 - Coordinated public release of advisory - -- Credit: This vulnerability was discovered by: * Luigi Auriemma - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iQEcBAEBAgAGBQJPgvVYAAoJEFVtgMGTo1scgOYIAKGk8Mau4AEfKu7g4tm9xC27 5p2IR73/S+fF+B0KKI28Kbb0hcdYJO3PmDx4JpTgPL7NvuWlA6gwwMu0XVGLSdQ8 U8JLNIekbw1NO4OCPeWn6+BlMDgAeef5bAXJ3Z0Dbgrr5CasaQCLkqxthW6hT5Eo gkZooI/tZXgeaNCsvKZyPLuPHviqn7ijrsbMoeJwqPcC73G4fe0WGSpaDCFyBI/Q XWEybCQjztHDUqpz2P3sCFvqPMjJRKzmET0pXPxjN7m/IhhigEQUuMJNHD/ebrnz OVTgycHGBUfD+YrAio6h/DGyBkIWAqZapi8qc+KIBg+Ikc9PiB8YlGI3o/Z/HVA= =Y0Ke -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-15-1 QuickTime 7.7.2 QuickTime 7.7.2 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple stack overflows existed in QuickTime's handling of TeXML files. CVE-ID CVE-2012-0663 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap overflow existed in QuickTime's handling of text tracks. CVE-ID CVE-2012-0664 : Alexander Gavrun working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of H.264 encoded movie files. CVE-ID CVE-2012-0665 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of MP4 encoded files. CVE-ID CVE-2011-3458 : Luigi Auriemma and pa_kt both working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. CVE-ID CVE-2011-3459 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file during progressive download may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of audio sample tables. CVE-ID CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of MPEG files. CVE-ID CVE-2012-0659 : An anonymous researcher working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the QuickTime plugin's handling of QTMovie objects. CVE-ID CVE-2011-3460 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted QTVR movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of QTVR movie files. CVE-ID CVE-2012-0667 : Alin Rad Pop working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of JPEG2000 encoded movie files. CVE-ID CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of RLE encoded movie files. CVE-ID CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of Sorenson encoded movie files. CVE-ID CVE-2012-0669 : Damian Put working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in QuickTime's handling of sean atoms. CVE-ID CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft) working with HP's Zero Day Initiative QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted .pict file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .pict files. CVE-ID CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the Qualys Vulnerability & Malware Research Labs (VMRL) QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a file in a maliciously crafted path may lead to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in QuickTime's handling of file paths. CVE-ID CVE-2012-0265 : Tielei Wang of Georgia Tech Information Security Center via Secunia SVCRP QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted MPEG file may lead to an unexpected application termination or arbitrary code execution Description: An integer underflow existed in QuickTime's handling of audio streams in MPEG files. CVE-ID CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability Research (MSVR) QuickTime 7.7.2 may be obtained from the QuickTime Downloads site: http://www.apple.com/quicktime/download/ The download file is named: "QuickTimeInstaller.exe" Its SHA-1 digest is: ed569d62b3f8c24ac8e9aec7275f17cbb14d2124 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJPsobhAAoJEPefwLHPlZEwk/sP/0C8iXVhnG481GbA03CMhKXJ XDooIlCG6YeoeJxGfri/vqlzqcHe3R90K6R89z1dKGU2bWGvtITh95E+WKll++7F hHYq6YC+r/o1cP1SjBi6A3swhN57m1nQZRIEnnIm+nBSxaiHA6xdRSUaK4ighLSA jbOVfu/6NPuGSlgWBPKSISDY2FhL0GH0QVLW/piVtMTrxhizlE7dgieipAPoVvRC SW2W0te7ujo2X167f2GS8EwplUkj/yVeScdr/6HjLkAXIQ1B9RNqTeOdyQZjTxay 32xhZTQ+JfSQzY6VSGoF0bqlK39u5UyzySIKS446OxclYI6xGKSFvTN3nBUwERd+ W+E/4k3Ry4OYEkgZ5yltXO8bJvGZtmpLOkq94Vb4w7EaEgJ452J/YjqCEEbmtAKM 0W9g1jt5av5Hv+vQ7rufR1tJ6CqkIDDr0f3qY+W/F8ZtdA8Bkvm9568d3L1Vlbai zy89w39Z1RTPMLccZEhtd+80f75P+R3n88X5czjXYignrUJbxhM/S8meqQB5GUB9 nJvZtWB1wlACHJ/EKUTv6miK20XE1OukRyvW0o7WWplqBj5KFWvRcV0tovfybGY9 EKwmao4Hwmq+ovJBFLZj/TV6MMxsJjS9qVea/yOlzZCy+6dwok38yyMAqy+m2dLT X2aq0dgzK7qjPx0FRyOx =BPXs -----END PGP SIGNATURE-----

Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data. Apple Mac OS X is prone to an integer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The following products are vulnerable: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. BUGTRAQ ID: 51807 CVE ID: CVE-2011-3453 Mac OS is an operating system that runs on Apple's Macintosh series of computers. 0 Apple MacOS X Server 10.7.2 Apple MacOS X Server 10.7.1 Apple MacOS X Server 10.7 Apple MacOS X Server 10.6.8 Apple TV 4.3 Apple TV 4.2 Apple TV 4.1 Apple TV 4.0 Manufacturer Patch: Apple ----- Current Manufacturer An upgrade patch has been released to fix this security problem, please go to the manufacturer's homepage to download: http://support.apple.com/. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive Installation note: Apple TV will periodically check for software updates. For more information see vulnerability #21 in: SA47843 SOLUTION: Upgrade to version 5.0. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA48288 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48288/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48288 RELEASE DATE: 2012-03-09 DISCUSS ADVISORY: http://secunia.com/advisories/48288/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48288/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48288 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device. 1) An error within the CFNetwork component when handling URLs can be exploited to disclose sensitive information by tricking the user into visiting a malicious website. 3) A logic error within the kernel does not properly handle debug system calls and can be exploited to bypass the sandbox restrictions. 4) An integer overflow error within the libresolv library when handling DNS resource records can be exploited to corrupt heap memory. 9) A cross-origin error in the WebKit component can be exploited to bypass the same-origin policy and disclose a cookie by tricking the user into visiting a malicious website. 10) An error within the WebKit component when handling drag-and-drop actions can be exploited to conduct cross-site scripting attacks. 11) Multiple unspecified errors within the WebKit component can be exploited to conduct cross-site scripting attacks. 12) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit. SOLUTION: Apply iOS 5.1 Software Update. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Erling Ellingsen, Facebook. 2, 8) pod2g. 3) 2012 iOS Jailbreak Dream Team. 5) Roland Kohler, the German Federal Ministry of Economics and Technology. 6) Eric Melville, American Express. 9) Sergey Glazunov. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5192 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-2 iOS 5.1 Software Update iOS 5.1 Software Update is now available and addresses the following: CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645 VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer Installation note: This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad. The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "5.1". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE-----

Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations. Mozilla Firefox and SeaMonkey are prone to an insecure file-permission vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. The vulnerability is caused by setting weak permissions on Firefox Recovery Key.html. Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages (CVE-2011-3670). Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame&#039;s name attribute (CVE-2012-0445). Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image (CVE-2012-0447). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3670 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0442 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0443 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0445 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0446 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0450 http://www.mozilla.org/security/announce/2012/mfsa2012-01.html http://www.mozilla.org/security/announce/2012/mfsa2012-02.html http://www.mozilla.org/security/announce/2012/mfsa2012-03.html http://www.mozilla.org/security/announce/2012/mfsa2012-04.html http://www.mozilla.org/security/announce/2012/mfsa2012-05.html http://www.mozilla.org/security/announce/2012/mfsa2012-06.html http://www.mozilla.org/security/announce/2012/mfsa2012-07.html http://www.mozilla.org/security/announce/2012/mfsa2012-08.html http://www.mozilla.org/security/announce/2012/mfsa2012-09.html _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.1: ed08680765d748831ecb5d6e3c7eb534 2010.1/i586/beagle-0.3.9-40.23mdv2010.2.i586.rpm 5bf4e8cdd5696b2eec6e556a961c5cfc 2010.1/i586/beagle-crawl-system-0.3.9-40.23mdv2010.2.i586.rpm b09c5aded4cc8c89d6f92c7a29f394b5 2010.1/i586/beagle-doc-0.3.9-40.23mdv2010.2.i586.rpm d5c53daa77454fd130217a7cbcd7bcc4 2010.1/i586/beagle-evolution-0.3.9-40.23mdv2010.2.i586.rpm 0d1f185ed7910925c63a7c481f1a31bd 2010.1/i586/beagle-gui-0.3.9-40.23mdv2010.2.i586.rpm 3247399cf46c0af2645c69e774f31db5 2010.1/i586/beagle-gui-qt-0.3.9-40.23mdv2010.2.i586.rpm 6fa5070a2a1fefa568a9b1e407ec2212 2010.1/i586/beagle-libs-0.3.9-40.23mdv2010.2.i586.rpm 33fc8ca3f988486b9193a6f2c8992a1c 2010.1/i586/firefox-3.6.26-0.1mdv2010.2.i586.rpm 5b12a310481a45692276ca1c05d7b65f 2010.1/i586/firefox-af-3.6.26-0.1mdv2010.2.i586.rpm 40487c48f04be956166b57eca90c2f15 2010.1/i586/firefox-ar-3.6.26-0.1mdv2010.2.i586.rpm c32f61fd9e39b9a762cb69a9ccbf63c7 2010.1/i586/firefox-be-3.6.26-0.1mdv2010.2.i586.rpm 6a6d144c21197f68bbde70ac69098c87 2010.1/i586/firefox-bg-3.6.26-0.1mdv2010.2.i586.rpm 960719d74ff691fb7ce845391b01c677 2010.1/i586/firefox-bn-3.6.26-0.1mdv2010.2.i586.rpm 59800f97626374f0a2863eda2c090b23 2010.1/i586/firefox-ca-3.6.26-0.1mdv2010.2.i586.rpm 59acef273c4094846e202721cb5c92a3 2010.1/i586/firefox-cs-3.6.26-0.1mdv2010.2.i586.rpm b8185a1c3ca9881a3271a407774629c5 2010.1/i586/firefox-cy-3.6.26-0.1mdv2010.2.i586.rpm ecbf7436c254bdbc24f8e1a1814f206a 2010.1/i586/firefox-da-3.6.26-0.1mdv2010.2.i586.rpm c54f06afbde13d0d81e86cecbc412bde 2010.1/i586/firefox-de-3.6.26-0.1mdv2010.2.i586.rpm b95d662f84a61f5e21668e147009c51d 2010.1/i586/firefox-devel-3.6.26-0.1mdv2010.2.i586.rpm a007806eabf45836135d0469d6e97ba8 2010.1/i586/firefox-el-3.6.26-0.1mdv2010.2.i586.rpm 7c37c57d82fe4801504459da25f0fe82 2010.1/i586/firefox-en_GB-3.6.26-0.1mdv2010.2.i586.rpm c096485f0e642fae296882d3ad8d926e 2010.1/i586/firefox-eo-3.6.26-0.1mdv2010.2.i586.rpm 4f5c4490881047d5b7fc9207451e90b7 2010.1/i586/firefox-es_AR-3.6.26-0.1mdv2010.2.i586.rpm 9f364cf843447d764040ef492ebd1f0c 2010.1/i586/firefox-es_ES-3.6.26-0.1mdv2010.2.i586.rpm 0e9db858f9adce126852c623a985e285 2010.1/i586/firefox-et-3.6.26-0.1mdv2010.2.i586.rpm d1c192bd678c2bc9eee8a3e3255eb570 2010.1/i586/firefox-eu-3.6.26-0.1mdv2010.2.i586.rpm 3229d6c05b5fd05f92fa3488751289ab 2010.1/i586/firefox-ext-beagle-0.3.9-40.23mdv2010.2.i586.rpm 6ced91e9529573a835808a0e63796aa2 2010.1/i586/firefox-ext-blogrovr-1.1.804-13.19mdv2010.2.i586.rpm 5ae3ff9aa40ba6f7cc4e6ee666169a22 2010.1/i586/firefox-ext-mozvoikko-1.0.1-2.19mdv2010.2.i586.rpm feffe492c285ec853328c22db930d18f 2010.1/i586/firefox-ext-r-kiosk-0.8.1-2.19mdv2010.2.i586.rpm 520fd0b15ea64f11c9a4268ad840b7e4 2010.1/i586/firefox-ext-scribefire-3.5.2-2.19mdv2010.2.i586.rpm 7d872cf15a63f1f2eaf2130141ecbd0d 2010.1/i586/firefox-ext-weave-sync-1.1-5.19mdv2010.2.i586.rpm 15ab1ada1ab4895b0c036f969c50ca4b 2010.1/i586/firefox-ext-xmarks-3.6.14-2.19mdv2010.2.i586.rpm be0f4a055365dd907d0947ca872af9af 2010.1/i586/firefox-fi-3.6.26-0.1mdv2010.2.i586.rpm 680f3d271762a1f9c45dd46149b97bb8 2010.1/i586/firefox-fr-3.6.26-0.1mdv2010.2.i586.rpm cee8839d2fbbe96289723b4d97e0ebe9 2010.1/i586/firefox-fy-3.6.26-0.1mdv2010.2.i586.rpm a4990061c6bba728a221d6c3cbe2a79f 2010.1/i586/firefox-ga_IE-3.6.26-0.1mdv2010.2.i586.rpm 0b7b042519a34fded3b2100edf628050 2010.1/i586/firefox-gl-3.6.26-0.1mdv2010.2.i586.rpm 0e030acb83a24e80805d1af34b032f98 2010.1/i586/firefox-gu_IN-3.6.26-0.1mdv2010.2.i586.rpm 27024ba17294dfb0de5c9c7da4a22f78 2010.1/i586/firefox-he-3.6.26-0.1mdv2010.2.i586.rpm 2f1cd540c6115785b7af82317694be36 2010.1/i586/firefox-hi-3.6.26-0.1mdv2010.2.i586.rpm ac7c60cba8dac9b02a336dd86393ef74 2010.1/i586/firefox-hu-3.6.26-0.1mdv2010.2.i586.rpm 8c08f07e5d3686c7e245142bd1d8aae2 2010.1/i586/firefox-id-3.6.26-0.1mdv2010.2.i586.rpm 4107afaec6ed628a15dc57ae3f2a1b0b 2010.1/i586/firefox-is-3.6.26-0.1mdv2010.2.i586.rpm 37bfe68ec85ebe460728608ce94f0160 2010.1/i586/firefox-it-3.6.26-0.1mdv2010.2.i586.rpm 16892a675616b7283e922402d7c53fa4 2010.1/i586/firefox-ja-3.6.26-0.1mdv2010.2.i586.rpm 218226de71ce59f9a0d08368c343763f 2010.1/i586/firefox-ka-3.6.26-0.1mdv2010.2.i586.rpm 9dbed3df6cd1b6a7d209d9dd5a7e036e 2010.1/i586/firefox-kn-3.6.26-0.1mdv2010.2.i586.rpm 2c3a593ef484585c09da496d8e322882 2010.1/i586/firefox-ko-3.6.26-0.1mdv2010.2.i586.rpm df51ea11b9e274558ce4166a9aadfd9a 2010.1/i586/firefox-ku-3.6.26-0.1mdv2010.2.i586.rpm 5aa962f97a4dc2e41f1e09fac1d96e0c 2010.1/i586/firefox-lt-3.6.26-0.1mdv2010.2.i586.rpm c441e78ad96cfa818c4449f014c0e569 2010.1/i586/firefox-lv-3.6.26-0.1mdv2010.2.i586.rpm 1b51a09e7b516b5cd0e3fbfdeee8b8ce 2010.1/i586/firefox-mk-3.6.26-0.1mdv2010.2.i586.rpm ac4d7417423bb21ccecb13af0f09bcd5 2010.1/i586/firefox-mr-3.6.26-0.1mdv2010.2.i586.rpm 821bfd876a2e3e61c6faa8ffd1d88a80 2010.1/i586/firefox-nb_NO-3.6.26-0.1mdv2010.2.i586.rpm 8e40966f3c2ac565a2a2c08e7348998d 2010.1/i586/firefox-nl-3.6.26-0.1mdv2010.2.i586.rpm 198ca21eaf293abed8b6a5383bffc7a8 2010.1/i586/firefox-nn_NO-3.6.26-0.1mdv2010.2.i586.rpm e87d05355ca1e8f34743c0a0e146bb8d 2010.1/i586/firefox-oc-3.6.26-0.1mdv2010.2.i586.rpm 3b4cd3044aa9b0a6a5015c63da18b334 2010.1/i586/firefox-pa_IN-3.6.26-0.1mdv2010.2.i586.rpm eb0c1c83f0c726ce416512b001df734c 2010.1/i586/firefox-pl-3.6.26-0.1mdv2010.2.i586.rpm e237f1e04d9c6d684078718a4687ed2a 2010.1/i586/firefox-pt_BR-3.6.26-0.1mdv2010.2.i586.rpm 7de869f53f4d4067beed73b679ed0d74 2010.1/i586/firefox-pt_PT-3.6.26-0.1mdv2010.2.i586.rpm d2b5cf9f3b8915769130725b9a4ac139 2010.1/i586/firefox-ro-3.6.26-0.1mdv2010.2.i586.rpm 971cf9e2dbe1a78f0bd4d6c792d19abc 2010.1/i586/firefox-ru-3.6.26-0.1mdv2010.2.i586.rpm 13fe16cbd2bd0792895f99c149786ac0 2010.1/i586/firefox-si-3.6.26-0.1mdv2010.2.i586.rpm f3ffac74c148f8f80642c41d9bd04903 2010.1/i586/firefox-sk-3.6.26-0.1mdv2010.2.i586.rpm 3db2e2383963187f79940ff8bec5cac9 2010.1/i586/firefox-sl-3.6.26-0.1mdv2010.2.i586.rpm 5fd3feb98c9c941199e65a8df648daf2 2010.1/i586/firefox-sq-3.6.26-0.1mdv2010.2.i586.rpm 8f8804e884e282817bc43a6e0ce8453d 2010.1/i586/firefox-sr-3.6.26-0.1mdv2010.2.i586.rpm fd62987c60f212d976e87ecf6990fb0f 2010.1/i586/firefox-sv_SE-3.6.26-0.1mdv2010.2.i586.rpm 7e858d15a19aa970a758be924c9f8876 2010.1/i586/firefox-te-3.6.26-0.1mdv2010.2.i586.rpm 3235ec5cb68f97d675dcd87572db56d8 2010.1/i586/firefox-th-3.6.26-0.1mdv2010.2.i586.rpm 751d2108e3a72cfc458d0c73c199853d 2010.1/i586/firefox-tr-3.6.26-0.1mdv2010.2.i586.rpm 5d6bc8db63152fdd6c1b55e8ad0a421b 2010.1/i586/firefox-uk-3.6.26-0.1mdv2010.2.i586.rpm 72d65ab26a8526a313179514d5348339 2010.1/i586/firefox-zh_CN-3.6.26-0.1mdv2010.2.i586.rpm 3cb9c0f5df9d6101f2dfffecaec2f887 2010.1/i586/firefox-zh_TW-3.6.26-0.1mdv2010.2.i586.rpm 797ce9f8ddef5acf2ae37159a9bc0994 2010.1/i586/gjs-0.6-4.19mdv2010.2.i586.rpm 3a12f822eb37d894471da32348967192 2010.1/i586/gnome-python-extras-2.25.3-18.19mdv2010.2.i586.rpm 456344ffe14ba55e51039cc7166109ae 2010.1/i586/gnome-python-gda-2.25.3-18.19mdv2010.2.i586.rpm cb1c75aae533b6eb66e6f4c5bd02ca09 2010.1/i586/gnome-python-gda-devel-2.25.3-18.19mdv2010.2.i586.rpm 37b1c7527174fd64a4130a4e0594317f 2010.1/i586/gnome-python-gdl-2.25.3-18.19mdv2010.2.i586.rpm 0ff5acb5b45d8c7bc360163f0d7d49db 2010.1/i586/gnome-python-gtkhtml2-2.25.3-18.19mdv2010.2.i586.rpm f854a4feeffb2a73073d0ae4a64a802c 2010.1/i586/gnome-python-gtkmozembed-2.25.3-18.19mdv2010.2.i586.rpm 6eaa78a338bce27a95befff06df639b4 2010.1/i586/gnome-python-gtkspell-2.25.3-18.19mdv2010.2.i586.rpm be3171370c32d01cd40b94f0e1634d13 2010.1/i586/libgjs0-0.6-4.19mdv2010.2.i586.rpm eb7643daa3ed97676e64787bd44e3ae9 2010.1/i586/libgjs-devel-0.6-4.19mdv2010.2.i586.rpm 5e13d20b71e9bf217010f0d914f4155f 2010.1/i586/libxulrunner1.9.2.26-1.9.2.26-0.1mdv2010.2.i586.rpm 49f3c56c0525847c46af26eb3534c793 2010.1/i586/libxulrunner-devel-1.9.2.26-0.1mdv2010.2.i586.rpm e1038da5bcaee0292d4d1d0de4b4f19d 2010.1/i586/mozilla-thunderbird-3.1.18-0.1mdv2010.2.i586.rpm 4a0d0225df03d8f69ca529bfa37c7bfd 2010.1/i586/mozilla-thunderbird-af-3.1.18-0.1mdv2010.2.noarch.rpm 8c45f041593b15305385a8169efc3009 2010.1/i586/mozilla-thunderbird-ar-3.1.18-0.1mdv2010.2.noarch.rpm afa2bf7449b05857b17cb850af5bb937 2010.1/i586/mozilla-thunderbird-be-3.1.18-0.1mdv2010.2.noarch.rpm e2252684812090f85fdcc98edc36b6b3 2010.1/i586/mozilla-thunderbird-beagle-0.3.9-40.23mdv2010.2.i586.rpm d5b964d34d750a8c6003845873fd0718 2010.1/i586/mozilla-thunderbird-bg-3.1.18-0.1mdv2010.2.noarch.rpm e2f9af844438c5876bad640f6d8642ca 2010.1/i586/mozilla-thunderbird-bn_BD-3.1.18-0.1mdv2010.2.noarch.rpm 21860df9ae312bea7a70974a4df1aaf0 2010.1/i586/mozilla-thunderbird-ca-3.1.18-0.1mdv2010.2.noarch.rpm fa2cdbfd4e64c2c32c140cd46810901c 2010.1/i586/mozilla-thunderbird-cs-3.1.18-0.1mdv2010.2.noarch.rpm 23564c03193d0666769420f513f918ff 2010.1/i586/mozilla-thunderbird-da-3.1.18-0.1mdv2010.2.noarch.rpm 690caca5a5693c13a639410946a9290a 2010.1/i586/mozilla-thunderbird-de-3.1.18-0.1mdv2010.2.noarch.rpm 54894f8dfadbee0df1bddf5ca8e0894e 2010.1/i586/mozilla-thunderbird-el-3.1.18-0.1mdv2010.2.noarch.rpm f12894278062e16f5619513cbb41691d 2010.1/i586/mozilla-thunderbird-en_GB-3.1.18-0.1mdv2010.2.noarch.rpm 09eebac60c67551d6405dcfbfcf58a97 2010.1/i586/mozilla-thunderbird-enigmail-3.1.18-0.1mdv2010.2.i586.rpm 417c870bfd2d25c062e7c78bbe579658 2010.1/i586/mozilla-thunderbird-enigmail-ar-3.1.18-0.1mdv2010.2.noarch.rpm d898b9486134981a73cb5506a5d766f0 2010.1/i586/mozilla-thunderbird-enigmail-ca-3.1.18-0.1mdv2010.2.noarch.rpm 44532e4a861ad08a20a1b316540d826e 2010.1/i586/mozilla-thunderbird-enigmail-cs-3.1.18-0.1mdv2010.2.noarch.rpm 0dca7db759b568ac31c0e861662c822d 2010.1/i586/mozilla-thunderbird-enigmail-de-3.1.18-0.1mdv2010.2.noarch.rpm bc8c14e3ff3f066308a884e93ca5084d 2010.1/i586/mozilla-thunderbird-enigmail-el-3.1.18-0.1mdv2010.2.noarch.rpm 7732fe882c7e1e5e3a1b06c9d74eba67 2010.1/i586/mozilla-thunderbird-enigmail-es-3.1.18-0.1mdv2010.2.noarch.rpm f42a6a513ef59e171e398f2649ffed7e 2010.1/i586/mozilla-thunderbird-enigmail-fi-3.1.18-0.1mdv2010.2.noarch.rpm 9e46eb74890488bc3ade5777eaac4565 2010.1/i586/mozilla-thunderbird-enigmail-fr-3.1.18-0.1mdv2010.2.noarch.rpm 33301a191495e738186d12830a9ca880 2010.1/i586/mozilla-thunderbird-enigmail-hu-3.1.18-0.1mdv2010.2.noarch.rpm 2ceebc65ed5b10d225fe7c7781ded4e7 2010.1/i586/mozilla-thunderbird-enigmail-it-3.1.18-0.1mdv2010.2.noarch.rpm fb7d467309dee3af975448700d774006 2010.1/i586/mozilla-thunderbird-enigmail-ja-3.1.18-0.1mdv2010.2.noarch.rpm 98f20a1681a7c893ebf09eae9328ab30 2010.1/i586/mozilla-thunderbird-enigmail-ko-3.1.18-0.1mdv2010.2.noarch.rpm c28de4fc36b92278f71f551d8f5717cd 2010.1/i586/mozilla-thunderbird-enigmail-nb-3.1.18-0.1mdv2010.2.noarch.rpm c460804f62cd79a5465f5ff93a40b018 2010.1/i586/mozilla-thunderbird-enigmail-nl-3.1.18-0.1mdv2010.2.noarch.rpm 68be0510b6782eeece13bd71580b540c 2010.1/i586/mozilla-thunderbird-enigmail-pl-3.1.18-0.1mdv2010.2.noarch.rpm 2d922839d67c6f034a4341aa425b96f0 2010.1/i586/mozilla-thunderbird-enigmail-pt-3.1.18-0.1mdv2010.2.noarch.rpm bb3f3d93e78cdf3b0b6c0708cad90105 2010.1/i586/mozilla-thunderbird-enigmail-pt_BR-3.1.18-0.1mdv2010.2.noarch.rpm a59f06c683011848039ed9d3c44c7cb6 2010.1/i586/mozilla-thunderbird-enigmail-ru-3.1.18-0.1mdv2010.2.noarch.rpm aea166123edc8b8dc5a4614d2975849c 2010.1/i586/mozilla-thunderbird-enigmail-sl-3.1.18-0.1mdv2010.2.noarch.rpm 3e40f8d3bec5eb92fa762baf5c7efdb3 2010.1/i586/mozilla-thunderbird-enigmail-sv-3.1.18-0.1mdv2010.2.noarch.rpm 269162b2acd774769fe8ffeed9e281b3 2010.1/i586/mozilla-thunderbird-enigmail-tr-3.1.18-0.1mdv2010.2.noarch.rpm 0bbdab69aa7595dd89b0cbdbc578e45c 2010.1/i586/mozilla-thunderbird-enigmail-vi-3.1.18-0.1mdv2010.2.noarch.rpm b95f31811ac27e8304631ac7105149cf 2010.1/i586/mozilla-thunderbird-enigmail-zh_CN-3.1.18-0.1mdv2010.2.noarch.rpm fc87b14df4e5a95d3c118e370322bcd4 2010.1/i586/mozilla-thunderbird-enigmail-zh_TW-3.1.18-0.1mdv2010.2.noarch.rpm 466193ccec737d463b4055615fb39a8f 2010.1/i586/mozilla-thunderbird-es_AR-3.1.18-0.1mdv2010.2.noarch.rpm 6d0859f204c182446e24063538777b8c 2010.1/i586/mozilla-thunderbird-es_ES-3.1.18-0.1mdv2010.2.noarch.rpm fa36f6d13f3d3f66adedfe48bbb24976 2010.1/i586/mozilla-thunderbird-et-3.1.18-0.1mdv2010.2.noarch.rpm 1df1475151ae67a95771f4445b3f86fd 2010.1/i586/mozilla-thunderbird-et_EE-3.1.18-0.1mdv2010.2.noarch.rpm 63ac935202203fe6898d50b0375d3cc5 2010.1/i586/mozilla-thunderbird-eu-3.1.18-0.1mdv2010.2.noarch.rpm 55cd31880acd0fdd70aa681b36f4251d 2010.1/i586/mozilla-thunderbird-fi-3.1.18-0.1mdv2010.2.noarch.rpm 25c1eb3b325eb773a472691d3c9de385 2010.1/i586/mozilla-thunderbird-fr-3.1.18-0.1mdv2010.2.noarch.rpm 643c7a64c5d1f610303b57dac630952f 2010.1/i586/mozilla-thunderbird-fy-3.1.18-0.1mdv2010.2.noarch.rpm 01eb5bc6605fdb1dde658f324d876a7c 2010.1/i586/mozilla-thunderbird-ga-3.1.18-0.1mdv2010.2.noarch.rpm e5fd6c10dd4c480278467d06d3f63881 2010.1/i586/mozilla-thunderbird-gd-3.1.18-0.1mdv2010.2.noarch.rpm e2f64e156e1cdb6f0dd0c4b3a0073faa 2010.1/i586/mozilla-thunderbird-gl-3.1.18-0.1mdv2010.2.noarch.rpm a667ce5cf0aed49ead15e04428daca3a 2010.1/i586/mozilla-thunderbird-he-3.1.18-0.1mdv2010.2.noarch.rpm c0f3354493b0ddee33d44f21a2307d81 2010.1/i586/mozilla-thunderbird-hu-3.1.18-0.1mdv2010.2.noarch.rpm 290c91b3c9d3a045728e31cb6ef0c4ef 2010.1/i586/mozilla-thunderbird-id-3.1.18-0.1mdv2010.2.noarch.rpm bd657f19c324839c5923691b142eca64 2010.1/i586/mozilla-thunderbird-is-3.1.18-0.1mdv2010.2.noarch.rpm 20b013678261f787cd3b01896fe4ba11 2010.1/i586/mozilla-thunderbird-it-3.1.18-0.1mdv2010.2.noarch.rpm ff60ee2cd23154a15da8a3a981468010 2010.1/i586/mozilla-thunderbird-ja-3.1.18-0.1mdv2010.2.noarch.rpm 7dc50e9e1318a7604e361dff1f1519f6 2010.1/i586/mozilla-thunderbird-ka-3.1.18-0.1mdv2010.2.noarch.rpm 0c6fe05f871cf2dc1450d72c4633fd3d 2010.1/i586/mozilla-thunderbird-ko-3.1.18-0.1mdv2010.2.noarch.rpm e4fb288680ec58f8e3fc9c22c49aaf69 2010.1/i586/mozilla-thunderbird-lightning-3.1.18-0.1mdv2010.2.i586.rpm e5f77892b2bcbd0fe09248f7130b4119 2010.1/i586/mozilla-thunderbird-lt-3.1.18-0.1mdv2010.2.noarch.rpm 56afb3d84c3a35d1c997922e0d8fbe71 2010.1/i586/mozilla-thunderbird-nb_NO-3.1.18-0.1mdv2010.2.noarch.rpm b0ec9c304c48fb764df3d128be07bffe 2010.1/i586/mozilla-thunderbird-nl-3.1.18-0.1mdv2010.2.noarch.rpm 1bda31f078d168304d7ce24ca1fd37cd 2010.1/i586/mozilla-thunderbird-nn_NO-3.1.18-0.1mdv2010.2.noarch.rpm cc48e335195f45f8df33764dd15aa1fa 2010.1/i586/mozilla-thunderbird-pa_IN-3.1.18-0.1mdv2010.2.noarch.rpm f5187cdd49b27b6dcd4e252d21fd5c8f 2010.1/i586/mozilla-thunderbird-pl-3.1.18-0.1mdv2010.2.noarch.rpm f87e0b3e3c20a289fb409c8b66817340 2010.1/i586/mozilla-thunderbird-pt_BR-3.1.18-0.1mdv2010.2.noarch.rpm b1483599beca8a93105d3beab778db40 2010.1/i586/mozilla-thunderbird-pt_PT-3.1.18-0.1mdv2010.2.noarch.rpm 0533f0307165b50407e54d6eaff63613 2010.1/i586/mozilla-thunderbird-ro-3.1.18-0.1mdv2010.2.noarch.rpm f658cf5b819d7f185e5b141352ab3c48 2010.1/i586/mozilla-thunderbird-ru-3.1.18-0.1mdv2010.2.noarch.rpm 2a58614ad599a701c6a928134e278bc5 2010.1/i586/mozilla-thunderbird-si-3.1.18-0.1mdv2010.2.noarch.rpm 6b6fc7bfbd6be1fbc4f3855a21888339 2010.1/i586/mozilla-thunderbird-sk-3.1.18-0.1mdv2010.2.noarch.rpm d9ca7339799bd93cbfb2181125e1d6f8 2010.1/i586/mozilla-thunderbird-sl-3.1.18-0.1mdv2010.2.noarch.rpm f18139a3d5dc15921e82f39361e66272 2010.1/i586/mozilla-thunderbird-sq-3.1.18-0.1mdv2010.2.noarch.rpm 47281130184aa53d95fda73fb8b12902 2010.1/i586/mozilla-thunderbird-sr-3.1.18-0.1mdv2010.2.noarch.rpm 9be034e24d19b8187866a53eac62ba9e 2010.1/i586/mozilla-thunderbird-sv_SE-3.1.18-0.1mdv2010.2.noarch.rpm 168d2829c1f874554704cdc8135de4d6 2010.1/i586/mozilla-thunderbird-tr-3.1.18-0.1mdv2010.2.noarch.rpm 9145c897d7612d2bee5fdde7c744e436 2010.1/i586/mozilla-thunderbird-uk-3.1.18-0.1mdv2010.2.noarch.rpm 0cb5ede67b2124b566d337688d85c0d1 2010.1/i586/mozilla-thunderbird-vi-3.1.18-0.1mdv2010.2.noarch.rpm dfce71559c7b716e24bb8c7325f25a30 2010.1/i586/mozilla-thunderbird-zh_CN-3.1.18-0.1mdv2010.2.noarch.rpm 984f4dc3b7bb1d8a2a4499fe3b7d88c4 2010.1/i586/mozilla-thunderbird-zh_TW-3.1.18-0.1mdv2010.2.noarch.rpm 763d772b20ef24314036b9edf39e1af0 2010.1/i586/nsinstall-3.1.18-0.1mdv2010.2.i586.rpm 29a1c6ec58f1fb17085e1f1ca1e3e545 2010.1/i586/xulrunner-1.9.2.26-0.1mdv2010.2.i586.rpm 33c6d93bf59317d0e4d8cc34cfca9eb9 2010.1/i586/yelp-2.30.1-4.19mdv2010.2.i586.rpm ecb0619e9d5b9dc284453319c3b91cde 2010.1/SRPMS/beagle-0.3.9-40.23mdv2010.2.src.rpm f37ef9a4bccf18bbc2d15b21a86eab0a 2010.1/SRPMS/firefox-3.6.26-0.1mdv2010.2.src.rpm 52ce7f8b330052f84371f88faadb09d5 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.19mdv2010.2.src.rpm 2213836ae9afecaead9bde85f8db3205 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.19mdv2010.2.src.rpm 6494a449c2b6cd353c3c01415463cc9a 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.19mdv2010.2.src.rpm b581d8d8ce0bfc5cf1f11cd1a6fdb755 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.19mdv2010.2.src.rpm 279b2293726d456c3f7096566c0cce69 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.19mdv2010.2.src.rpm b7565777794e4a729ea6287bfdbbd683 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.19mdv2010.2.src.rpm e1c3d4f1503b249bed939a66997683ab 2010.1/SRPMS/firefox-l10n-3.6.26-0.1mdv2010.2.src.rpm 84b6c4f7d9bad0fb047dc77a18555178 2010.1/SRPMS/gjs-0.6-4.19mdv2010.2.src.rpm c83147dc840efb907942edd41135b848 2010.1/SRPMS/gnome-python-extras-2.25.3-18.19mdv2010.2.src.rpm 920b90b50a796b16206112f961dc4cce 2010.1/SRPMS/mozilla-thunderbird-3.1.18-0.1mdv2010.2.src.rpm 6dacbc05902cee32cc9db2f05b115f1c 2010.1/SRPMS/mozilla-thunderbird-l10n-3.1.18-0.1mdv2010.2.src.rpm 9373ed2d976825c2ea059ebdf793ef68 2010.1/SRPMS/xulrunner-1.9.2.26-0.1mdv2010.2.src.rpm 46befcf6e5c1d1576d011e5a9650d7c1 2010.1/SRPMS/yelp-2.30.1-4.19mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 38f3263dbf68ed59701d95d0435f17dd 2010.1/x86_64/beagle-0.3.9-40.23mdv2010.2.x86_64.rpm e6506d26a1df580959e926d9b9d64fd6 2010.1/x86_64/beagle-crawl-system-0.3.9-40.23mdv2010.2.x86_64.rpm 183c5720fb54f090bd32610a20edaa18 2010.1/x86_64/beagle-doc-0.3.9-40.23mdv2010.2.x86_64.rpm 36f4fb4d13cacbfe25483ee49f91da22 2010.1/x86_64/beagle-evolution-0.3.9-40.23mdv2010.2.x86_64.rpm 1979bd5cf93b80e20fc001be17d34656 2010.1/x86_64/beagle-gui-0.3.9-40.23mdv2010.2.x86_64.rpm 27d90cbd3a7f51129e753021b19389e1 2010.1/x86_64/beagle-gui-qt-0.3.9-40.23mdv2010.2.x86_64.rpm eb79d6f7e76502ab24fa47c23017a11d 2010.1/x86_64/beagle-libs-0.3.9-40.23mdv2010.2.x86_64.rpm 807c2f98c849e0af0b6cfbe38e1bf02e 2010.1/x86_64/firefox-3.6.26-0.1mdv2010.2.x86_64.rpm 5f9477a7ac264c4b5198b14052e2f667 2010.1/x86_64/firefox-af-3.6.26-0.1mdv2010.2.x86_64.rpm 4500b9d4495091c430205c369403018d 2010.1/x86_64/firefox-ar-3.6.26-0.1mdv2010.2.x86_64.rpm f60978700bbd7b93b0579b3a6471a0f9 2010.1/x86_64/firefox-be-3.6.26-0.1mdv2010.2.x86_64.rpm d3804ddbffe110f51b3821cbec6ae19d 2010.1/x86_64/firefox-bg-3.6.26-0.1mdv2010.2.x86_64.rpm 9ddd282e26f3c7067036314c548a46c2 2010.1/x86_64/firefox-bn-3.6.26-0.1mdv2010.2.x86_64.rpm 2e8fa3895345a5aecbc320924b4c0afb 2010.1/x86_64/firefox-ca-3.6.26-0.1mdv2010.2.x86_64.rpm be5168e38714595871d7406827a62220 2010.1/x86_64/firefox-cs-3.6.26-0.1mdv2010.2.x86_64.rpm 04081b2f3a6541e57b6fd257d3757677 2010.1/x86_64/firefox-cy-3.6.26-0.1mdv2010.2.x86_64.rpm 270300f3592e8ffe9941435aea68729e 2010.1/x86_64/firefox-da-3.6.26-0.1mdv2010.2.x86_64.rpm aa315dae9497dd7f99f2ba2d79d37991 2010.1/x86_64/firefox-de-3.6.26-0.1mdv2010.2.x86_64.rpm e55fb1e19d5322412ad25590fbfd7fa7 2010.1/x86_64/firefox-devel-3.6.26-0.1mdv2010.2.x86_64.rpm 69c422bf98e9bccdf06dca4d23db4ab2 2010.1/x86_64/firefox-el-3.6.26-0.1mdv2010.2.x86_64.rpm 58767d042646ae26bc1c756d4d3b637c 2010.1/x86_64/firefox-en_GB-3.6.26-0.1mdv2010.2.x86_64.rpm a6722b1aadf45b94aa1bd8e80a846c36 2010.1/x86_64/firefox-eo-3.6.26-0.1mdv2010.2.x86_64.rpm 5f39525493c1bfaf660ca79c16d2edc6 2010.1/x86_64/firefox-es_AR-3.6.26-0.1mdv2010.2.x86_64.rpm a733388ccfcadc91b3030feaff8192b8 2010.1/x86_64/firefox-es_ES-3.6.26-0.1mdv2010.2.x86_64.rpm 67c3a7f66ac5dbf2efd763a6ad667d02 2010.1/x86_64/firefox-et-3.6.26-0.1mdv2010.2.x86_64.rpm be95bb6c5e2aea0f7834bfaee8cafcf0 2010.1/x86_64/firefox-eu-3.6.26-0.1mdv2010.2.x86_64.rpm 52a6067d637855b81ab5fbe52f70be13 2010.1/x86_64/firefox-ext-beagle-0.3.9-40.23mdv2010.2.x86_64.rpm e914b0b7015841585a43c2f09d009275 2010.1/x86_64/firefox-ext-blogrovr-1.1.804-13.19mdv2010.2.x86_64.rpm a71c0c894f0e2f28feab5ebe927afb88 2010.1/x86_64/firefox-ext-mozvoikko-1.0.1-2.19mdv2010.2.x86_64.rpm 57e074a8fb8db136440b2fd079343a78 2010.1/x86_64/firefox-ext-r-kiosk-0.8.1-2.19mdv2010.2.x86_64.rpm 71bdc17070ef38d775464b76f306fac2 2010.1/x86_64/firefox-ext-scribefire-3.5.2-2.19mdv2010.2.x86_64.rpm af247f6e3938eecd511e96987491adb3 2010.1/x86_64/firefox-ext-weave-sync-1.1-5.19mdv2010.2.x86_64.rpm 6b905a3f5ceb6ba3d9946de285add784 2010.1/x86_64/firefox-ext-xmarks-3.6.14-2.19mdv2010.2.x86_64.rpm d5ac395dda7375bdc35a6a218d4398f9 2010.1/x86_64/firefox-fi-3.6.26-0.1mdv2010.2.x86_64.rpm 6e689a1bb0a9b986f049dbcefc9060be 2010.1/x86_64/firefox-fr-3.6.26-0.1mdv2010.2.x86_64.rpm 8ee6a224acdecd68f18d073fd6597ddc 2010.1/x86_64/firefox-fy-3.6.26-0.1mdv2010.2.x86_64.rpm 0ff5e0301b2292a33c9d56416d08e4a8 2010.1/x86_64/firefox-ga_IE-3.6.26-0.1mdv2010.2.x86_64.rpm ca100f22de20985ab927e74276d15ead 2010.1/x86_64/firefox-gl-3.6.26-0.1mdv2010.2.x86_64.rpm b678a9f996915f4ef92b1c49b308cc6b 2010.1/x86_64/firefox-gu_IN-3.6.26-0.1mdv2010.2.x86_64.rpm 56d1a3c9e6d8b23a0fe387eb04154765 2010.1/x86_64/firefox-he-3.6.26-0.1mdv2010.2.x86_64.rpm efcbc554d9eb98382f2436c63c746e1b 2010.1/x86_64/firefox-hi-3.6.26-0.1mdv2010.2.x86_64.rpm ee0d8cd923f12d541d451fc0e0455df0 2010.1/x86_64/firefox-hu-3.6.26-0.1mdv2010.2.x86_64.rpm 7894b39a928553e43e03e856eda7ed3a 2010.1/x86_64/firefox-id-3.6.26-0.1mdv2010.2.x86_64.rpm 432d548bf3ce82be86e8daf5b90e1576 2010.1/x86_64/firefox-is-3.6.26-0.1mdv2010.2.x86_64.rpm 67e02ba7d2e04677d658205fe1bb89ee 2010.1/x86_64/firefox-it-3.6.26-0.1mdv2010.2.x86_64.rpm b9cecd1dfdaa002de02bb53abbc6e311 2010.1/x86_64/firefox-ja-3.6.26-0.1mdv2010.2.x86_64.rpm bcb9a9f20f312884256ae67e3a37753a 2010.1/x86_64/firefox-ka-3.6.26-0.1mdv2010.2.x86_64.rpm 3ee18d0a2c4c52014c94dbce11246bc6 2010.1/x86_64/firefox-kn-3.6.26-0.1mdv2010.2.x86_64.rpm 3977e06b4e5fa6962dc71a915f938e39 2010.1/x86_64/firefox-ko-3.6.26-0.1mdv2010.2.x86_64.rpm f799a70ca847a06069fbf49ed0d3076d 2010.1/x86_64/firefox-ku-3.6.26-0.1mdv2010.2.x86_64.rpm 671454f1e9afbc4e0c8024d85da8586f 2010.1/x86_64/firefox-lt-3.6.26-0.1mdv2010.2.x86_64.rpm 5f07105efbe1a41bc0e05d4e54fbf96a 2010.1/x86_64/firefox-lv-3.6.26-0.1mdv2010.2.x86_64.rpm 611e058bf0e9fba09ef36e0d41f7b525 2010.1/x86_64/firefox-mk-3.6.26-0.1mdv2010.2.x86_64.rpm 0ff967ffefb1fd2421d148133d72ec66 2010.1/x86_64/firefox-mr-3.6.26-0.1mdv2010.2.x86_64.rpm b9b874b988f11649b29a6e73b2512e9b 2010.1/x86_64/firefox-nb_NO-3.6.26-0.1mdv2010.2.x86_64.rpm 9504564d022acc582966e0f86c6e2440 2010.1/x86_64/firefox-nl-3.6.26-0.1mdv2010.2.x86_64.rpm a66498bdaaf25b24ed9c9bad1f4fe8bd 2010.1/x86_64/firefox-nn_NO-3.6.26-0.1mdv2010.2.x86_64.rpm f674ed6e343feb86fb9164234bf73e38 2010.1/x86_64/firefox-oc-3.6.26-0.1mdv2010.2.x86_64.rpm 69452105c37cf07800d9a1bb2a7b7005 2010.1/x86_64/firefox-pa_IN-3.6.26-0.1mdv2010.2.x86_64.rpm 5951efb1fafcef20c5366ccbe279d395 2010.1/x86_64/firefox-pl-3.6.26-0.1mdv2010.2.x86_64.rpm 170925d749c61780fe3a09e50e043bce 2010.1/x86_64/firefox-pt_BR-3.6.26-0.1mdv2010.2.x86_64.rpm 85f0bdbeadfebb58dc4b01dc3f9d7b1e 2010.1/x86_64/firefox-pt_PT-3.6.26-0.1mdv2010.2.x86_64.rpm d77ecb05181f096cca030fccc47f812f 2010.1/x86_64/firefox-ro-3.6.26-0.1mdv2010.2.x86_64.rpm f69281563aea356d8772f893b3db1c12 2010.1/x86_64/firefox-ru-3.6.26-0.1mdv2010.2.x86_64.rpm cd70961d26fb9f7c23d90c5b84e3de95 2010.1/x86_64/firefox-si-3.6.26-0.1mdv2010.2.x86_64.rpm ac92b884143203051263e32630f8c544 2010.1/x86_64/firefox-sk-3.6.26-0.1mdv2010.2.x86_64.rpm 39ffbb170f92f5561f2ee52235817146 2010.1/x86_64/firefox-sl-3.6.26-0.1mdv2010.2.x86_64.rpm 9543caa061077756f714e7485d88b69b 2010.1/x86_64/firefox-sq-3.6.26-0.1mdv2010.2.x86_64.rpm 644286c1a1fee7f503cbb964d499c85b 2010.1/x86_64/firefox-sr-3.6.26-0.1mdv2010.2.x86_64.rpm e8ddf8a3c09e53b29fb20e0cea1ccccd 2010.1/x86_64/firefox-sv_SE-3.6.26-0.1mdv2010.2.x86_64.rpm 1c446fd008b2fd0ee55627a8d1eab008 2010.1/x86_64/firefox-te-3.6.26-0.1mdv2010.2.x86_64.rpm 42a4e68713a96e232ec9a2b5da28621d 2010.1/x86_64/firefox-th-3.6.26-0.1mdv2010.2.x86_64.rpm 61a0ece73562e4ca1dc28410d710d131 2010.1/x86_64/firefox-tr-3.6.26-0.1mdv2010.2.x86_64.rpm 856ffa777da329d1a7e7f2c29486538f 2010.1/x86_64/firefox-uk-3.6.26-0.1mdv2010.2.x86_64.rpm f4db21db937841a94a23d8cd43ee16f4 2010.1/x86_64/firefox-zh_CN-3.6.26-0.1mdv2010.2.x86_64.rpm 51cdeb5fd6441f3cfd8b804cf584f048 2010.1/x86_64/firefox-zh_TW-3.6.26-0.1mdv2010.2.x86_64.rpm 5f416f9ecd37fb1d85954757d5711c60 2010.1/x86_64/gjs-0.6-4.19mdv2010.2.x86_64.rpm 8d7ceec7afa79bbce83032e1e6fd8c85 2010.1/x86_64/gnome-python-extras-2.25.3-18.19mdv2010.2.x86_64.rpm 708e919fe896a161fc31c5685e36fed5 2010.1/x86_64/gnome-python-gda-2.25.3-18.19mdv2010.2.x86_64.rpm 1c08fdb9b648ac82b3c70cbbe218aed5 2010.1/x86_64/gnome-python-gda-devel-2.25.3-18.19mdv2010.2.x86_64.rpm 926d179b7421df36bb278a808aadabd9 2010.1/x86_64/gnome-python-gdl-2.25.3-18.19mdv2010.2.x86_64.rpm 5cd9ba5f3d9b7970e1d15d07eaf1a7a2 2010.1/x86_64/gnome-python-gtkhtml2-2.25.3-18.19mdv2010.2.x86_64.rpm a4dbb7a72cd35168a469de1fe629dde9 2010.1/x86_64/gnome-python-gtkmozembed-2.25.3-18.19mdv2010.2.x86_64.rpm 5bfbc5ca63e97888a67a25b694322769 2010.1/x86_64/gnome-python-gtkspell-2.25.3-18.19mdv2010.2.x86_64.rpm 2473033888df090a58a1b6f8f6f87da7 2010.1/x86_64/lib64gjs0-0.6-4.19mdv2010.2.x86_64.rpm 219b90efa43b8cd5591b1e0224e371cc 2010.1/x86_64/lib64gjs-devel-0.6-4.19mdv2010.2.x86_64.rpm 7f28eb026ddce0169cd407ba13128290 2010.1/x86_64/lib64xulrunner1.9.2.26-1.9.2.26-0.1mdv2010.2.x86_64.rpm bba6751f8c5298a52d6326db6b523cfd 2010.1/x86_64/lib64xulrunner-devel-1.9.2.26-0.1mdv2010.2.x86_64.rpm 786020bf7695bdad8162e999f7581fa5 2010.1/x86_64/mozilla-thunderbird-3.1.18-0.1mdv2010.2.x86_64.rpm 36feace9cde0b8eabb8682b43b958672 2010.1/x86_64/mozilla-thunderbird-af-3.1.18-0.1mdv2010.2.noarch.rpm 0b92db0f6159761a3f84532a97d0dfd7 2010.1/x86_64/mozilla-thunderbird-ar-3.1.18-0.1mdv2010.2.noarch.rpm c61fcfe4aec0ed9e8cae97454ca05bc2 2010.1/x86_64/mozilla-thunderbird-be-3.1.18-0.1mdv2010.2.noarch.rpm d0e0e9caf618ec474c384f67833afa14 2010.1/x86_64/mozilla-thunderbird-beagle-0.3.9-40.23mdv2010.2.x86_64.rpm d0fdec8991a26d9373c2f969dc442e9e 2010.1/x86_64/mozilla-thunderbird-bg-3.1.18-0.1mdv2010.2.noarch.rpm c5cab0fc27e3b8717a9af58a8c994d17 2010.1/x86_64/mozilla-thunderbird-bn_BD-3.1.18-0.1mdv2010.2.noarch.rpm 0e8da6c9280598f2fe79805aaf385b86 2010.1/x86_64/mozilla-thunderbird-ca-3.1.18-0.1mdv2010.2.noarch.rpm 58ccda5950ea56b58a9a06767486cb1e 2010.1/x86_64/mozilla-thunderbird-cs-3.1.18-0.1mdv2010.2.noarch.rpm 441eff3681643da6ca3d06d6d0530dc7 2010.1/x86_64/mozilla-thunderbird-da-3.1.18-0.1mdv2010.2.noarch.rpm c0ee9ebfacbf312b31d8ffb17ccd5460 2010.1/x86_64/mozilla-thunderbird-de-3.1.18-0.1mdv2010.2.noarch.rpm da7055ba49b87ebffd4d593682a3dbd8 2010.1/x86_64/mozilla-thunderbird-el-3.1.18-0.1mdv2010.2.noarch.rpm 312bbd2ffa26df73912969f3af6481fa 2010.1/x86_64/mozilla-thunderbird-en_GB-3.1.18-0.1mdv2010.2.noarch.rpm 6de8b91a25b89327316f8b4fd7885ecb 2010.1/x86_64/mozilla-thunderbird-enigmail-3.1.18-0.1mdv2010.2.x86_64.rpm 48b24090054510e62b554de539f9925e 2010.1/x86_64/mozilla-thunderbird-enigmail-ar-3.1.18-0.1mdv2010.2.noarch.rpm 336281716e50c6672d1ecedefb10e8c0 2010.1/x86_64/mozilla-thunderbird-enigmail-ca-3.1.18-0.1mdv2010.2.noarch.rpm 21cc4260cafb49cf4cc4fb00c528bc42 2010.1/x86_64/mozilla-thunderbird-enigmail-cs-3.1.18-0.1mdv2010.2.noarch.rpm 5298e9cb9d3c6d52f2647f39c5f30f0a 2010.1/x86_64/mozilla-thunderbird-enigmail-de-3.1.18-0.1mdv2010.2.noarch.rpm 953e8eb780e20f44356105b92b65ab0f 2010.1/x86_64/mozilla-thunderbird-enigmail-el-3.1.18-0.1mdv2010.2.noarch.rpm 4400070253a69fdbb39a44fe6fca72b0 2010.1/x86_64/mozilla-thunderbird-enigmail-es-3.1.18-0.1mdv2010.2.noarch.rpm 6f6077201cedd86f8375a1b1281a22f2 2010.1/x86_64/mozilla-thunderbird-enigmail-fi-3.1.18-0.1mdv2010.2.noarch.rpm 8ee1234f513dc68dcc932915953bfb33 2010.1/x86_64/mozilla-thunderbird-enigmail-fr-3.1.18-0.1mdv2010.2.noarch.rpm 070f6814b074ceb2e3d2c85b6ff79e45 2010.1/x86_64/mozilla-thunderbird-enigmail-hu-3.1.18-0.1mdv2010.2.noarch.rpm 403e17ae1b57a3198547f360305bb22a 2010.1/x86_64/mozilla-thunderbird-enigmail-it-3.1.18-0.1mdv2010.2.noarch.rpm 41e417ce5fa8b932129950a1a66db9b9 2010.1/x86_64/mozilla-thunderbird-enigmail-ja-3.1.18-0.1mdv2010.2.noarch.rpm ae3a02a776ffd7be7055765f738a768c 2010.1/x86_64/mozilla-thunderbird-enigmail-ko-3.1.18-0.1mdv2010.2.noarch.rpm 840b34710a686473c2ffa54cd892f2ae 2010.1/x86_64/mozilla-thunderbird-enigmail-nb-3.1.18-0.1mdv2010.2.noarch.rpm d2cdc23b6569ecb2b2724ce8ada42335 2010.1/x86_64/mozilla-thunderbird-enigmail-nl-3.1.18-0.1mdv2010.2.noarch.rpm b702b15efb1852d2e157d9a3e0aa05fe 2010.1/x86_64/mozilla-thunderbird-enigmail-pl-3.1.18-0.1mdv2010.2.noarch.rpm 13654febe1db88486ff8a7a7573eca0a 2010.1/x86_64/mozilla-thunderbird-enigmail-pt-3.1.18-0.1mdv2010.2.noarch.rpm d8f4223f5a1a729fc845429794745ab9 2010.1/x86_64/mozilla-thunderbird-enigmail-pt_BR-3.1.18-0.1mdv2010.2.noarch.rpm b7f4723f84f5f1bc2038afe09cd16575 2010.1/x86_64/mozilla-thunderbird-enigmail-ru-3.1.18-0.1mdv2010.2.noarch.rpm 31a7d1c31c4c742e07a0bd2c9a60bf1a 2010.1/x86_64/mozilla-thunderbird-enigmail-sl-3.1.18-0.1mdv2010.2.noarch.rpm f098e70758dfcd67333a38842c37252a 2010.1/x86_64/mozilla-thunderbird-enigmail-sv-3.1.18-0.1mdv2010.2.noarch.rpm 12eb18709b5ba456dea4686514081a02 2010.1/x86_64/mozilla-thunderbird-enigmail-tr-3.1.18-0.1mdv2010.2.noarch.rpm d0472409c34ebd9a50c7b33ab0bbc1ee 2010.1/x86_64/mozilla-thunderbird-enigmail-vi-3.1.18-0.1mdv2010.2.noarch.rpm 6a2dbc20dc46caadd956d8e8d0c78b84 2010.1/x86_64/mozilla-thunderbird-enigmail-zh_CN-3.1.18-0.1mdv2010.2.noarch.rpm 313c13c4be850d3a9503c58c266d3763 2010.1/x86_64/mozilla-thunderbird-enigmail-zh_TW-3.1.18-0.1mdv2010.2.noarch.rpm 1fec29fd865ea65d81032fedcd2abec0 2010.1/x86_64/mozilla-thunderbird-es_AR-3.1.18-0.1mdv2010.2.noarch.rpm b43eaea3efd044b4b25272f9995c6207 2010.1/x86_64/mozilla-thunderbird-es_ES-3.1.18-0.1mdv2010.2.noarch.rpm 64a9c3f4cad4a235f7bb5c884fc824b2 2010.1/x86_64/mozilla-thunderbird-et-3.1.18-0.1mdv2010.2.noarch.rpm 946547e99a2b3e39e60f380720d5c54d 2010.1/x86_64/mozilla-thunderbird-et_EE-3.1.18-0.1mdv2010.2.noarch.rpm 62dbef941f9c65c1fddd50ea4735721a 2010.1/x86_64/mozilla-thunderbird-eu-3.1.18-0.1mdv2010.2.noarch.rpm 0f86f2ba3746f3f695a13b8910e2db49 2010.1/x86_64/mozilla-thunderbird-fi-3.1.18-0.1mdv2010.2.noarch.rpm fcb1a8d775d06af681c2f54147baded3 2010.1/x86_64/mozilla-thunderbird-fr-3.1.18-0.1mdv2010.2.noarch.rpm af999376cacb19af5372d369d75139e5 2010.1/x86_64/mozilla-thunderbird-fy-3.1.18-0.1mdv2010.2.noarch.rpm f41d77f9e9becf41d5034f73017bfaca 2010.1/x86_64/mozilla-thunderbird-ga-3.1.18-0.1mdv2010.2.noarch.rpm 90c23c17843d70eb9b41ba13c4414843 2010.1/x86_64/mozilla-thunderbird-gd-3.1.18-0.1mdv2010.2.noarch.rpm 1365704c231571f60022edd3bba87394 2010.1/x86_64/mozilla-thunderbird-gl-3.1.18-0.1mdv2010.2.noarch.rpm f23678607d1ead6c954f6ef8965f2cdd 2010.1/x86_64/mozilla-thunderbird-he-3.1.18-0.1mdv2010.2.noarch.rpm d39884fbfa2b4019f77765d96fa23328 2010.1/x86_64/mozilla-thunderbird-hu-3.1.18-0.1mdv2010.2.noarch.rpm 932eac8f75eb04e5864386d85143cf10 2010.1/x86_64/mozilla-thunderbird-id-3.1.18-0.1mdv2010.2.noarch.rpm 0e63169cd2bd0de5809bd062eaef3855 2010.1/x86_64/mozilla-thunderbird-is-3.1.18-0.1mdv2010.2.noarch.rpm 7c14af8608cfa36d1578a91ac7d83040 2010.1/x86_64/mozilla-thunderbird-it-3.1.18-0.1mdv2010.2.noarch.rpm e6bcad2dffb3b44fcb17c6916d3ceee2 2010.1/x86_64/mozilla-thunderbird-ja-3.1.18-0.1mdv2010.2.noarch.rpm 6bfb36c85327795c5deab233263d0edc 2010.1/x86_64/mozilla-thunderbird-ka-3.1.18-0.1mdv2010.2.noarch.rpm 834559e88eb3838cd142450c0ebdda47 2010.1/x86_64/mozilla-thunderbird-ko-3.1.18-0.1mdv2010.2.noarch.rpm 4c638d4799dcded3fa93483d7d09b1aa 2010.1/x86_64/mozilla-thunderbird-lightning-3.1.18-0.1mdv2010.2.x86_64.rpm 3b1da28683a29cb08e3566bddb8af389 2010.1/x86_64/mozilla-thunderbird-lt-3.1.18-0.1mdv2010.2.noarch.rpm 57fe42a13802dd2042bc43f26cb01800 2010.1/x86_64/mozilla-thunderbird-nb_NO-3.1.18-0.1mdv2010.2.noarch.rpm 65a850b6d875499ac43857829c0cb41e 2010.1/x86_64/mozilla-thunderbird-nl-3.1.18-0.1mdv2010.2.noarch.rpm ae164736f71bb4b949f83f07476c2e8f 2010.1/x86_64/mozilla-thunderbird-nn_NO-3.1.18-0.1mdv2010.2.noarch.rpm b275333ed502098bd1684bbbc3ce1db2 2010.1/x86_64/mozilla-thunderbird-pa_IN-3.1.18-0.1mdv2010.2.noarch.rpm c1b20f18380a175d08afa564cf6bf045 2010.1/x86_64/mozilla-thunderbird-pl-3.1.18-0.1mdv2010.2.noarch.rpm b6487ab38e3b6ec6ce21c253086b10d2 2010.1/x86_64/mozilla-thunderbird-pt_BR-3.1.18-0.1mdv2010.2.noarch.rpm 375c555e4cee1aff951f723b796e7667 2010.1/x86_64/mozilla-thunderbird-pt_PT-3.1.18-0.1mdv2010.2.noarch.rpm 5fad27a851e13cf8fb59c8e3bf38ba94 2010.1/x86_64/mozilla-thunderbird-ro-3.1.18-0.1mdv2010.2.noarch.rpm 0924ab8a25ea7d08b9c5f81def29e31d 2010.1/x86_64/mozilla-thunderbird-ru-3.1.18-0.1mdv2010.2.noarch.rpm 7847d3d2db1753c9b80336897aaeca92 2010.1/x86_64/mozilla-thunderbird-si-3.1.18-0.1mdv2010.2.noarch.rpm 7117f9540f4d59d30bef3169cd122397 2010.1/x86_64/mozilla-thunderbird-sk-3.1.18-0.1mdv2010.2.noarch.rpm 9082b16b399b333e61c625a4a5f2fc37 2010.1/x86_64/mozilla-thunderbird-sl-3.1.18-0.1mdv2010.2.noarch.rpm fd23685639473987a3611d292551303d 2010.1/x86_64/mozilla-thunderbird-sq-3.1.18-0.1mdv2010.2.noarch.rpm dfa0ccfa5f8c583cf531cfbd70dbb1cf 2010.1/x86_64/mozilla-thunderbird-sr-3.1.18-0.1mdv2010.2.noarch.rpm f3034c488f8093b7c4a706a23fdcd772 2010.1/x86_64/mozilla-thunderbird-sv_SE-3.1.18-0.1mdv2010.2.noarch.rpm 4814522ecd41812f2c7d1e93160522b0 2010.1/x86_64/mozilla-thunderbird-tr-3.1.18-0.1mdv2010.2.noarch.rpm b56853a64aee52d0a3c94863813cb288 2010.1/x86_64/mozilla-thunderbird-uk-3.1.18-0.1mdv2010.2.noarch.rpm 321aca2dc95616a7ec11e32d256ea03e 2010.1/x86_64/mozilla-thunderbird-vi-3.1.18-0.1mdv2010.2.noarch.rpm 5447e3370bf51b2e92f0c4d9665dccd3 2010.1/x86_64/mozilla-thunderbird-zh_CN-3.1.18-0.1mdv2010.2.noarch.rpm c8bca36c140b75dd85d7f2e2df620ad4 2010.1/x86_64/mozilla-thunderbird-zh_TW-3.1.18-0.1mdv2010.2.noarch.rpm 15e1519012d392449b037a1b05547a79 2010.1/x86_64/nsinstall-3.1.18-0.1mdv2010.2.x86_64.rpm 932ba90841514131569aa526384ec4d4 2010.1/x86_64/xulrunner-1.9.2.26-0.1mdv2010.2.x86_64.rpm f7e3780a2789d89eb414c4492e54f23e 2010.1/x86_64/yelp-2.30.1-4.19mdv2010.2.x86_64.rpm ecb0619e9d5b9dc284453319c3b91cde 2010.1/SRPMS/beagle-0.3.9-40.23mdv2010.2.src.rpm f37ef9a4bccf18bbc2d15b21a86eab0a 2010.1/SRPMS/firefox-3.6.26-0.1mdv2010.2.src.rpm 52ce7f8b330052f84371f88faadb09d5 2010.1/SRPMS/firefox-ext-blogrovr-1.1.804-13.19mdv2010.2.src.rpm 2213836ae9afecaead9bde85f8db3205 2010.1/SRPMS/firefox-ext-mozvoikko-1.0.1-2.19mdv2010.2.src.rpm 6494a449c2b6cd353c3c01415463cc9a 2010.1/SRPMS/firefox-ext-r-kiosk-0.8.1-2.19mdv2010.2.src.rpm b581d8d8ce0bfc5cf1f11cd1a6fdb755 2010.1/SRPMS/firefox-ext-scribefire-3.5.2-2.19mdv2010.2.src.rpm 279b2293726d456c3f7096566c0cce69 2010.1/SRPMS/firefox-ext-weave-sync-1.1-5.19mdv2010.2.src.rpm b7565777794e4a729ea6287bfdbbd683 2010.1/SRPMS/firefox-ext-xmarks-3.6.14-2.19mdv2010.2.src.rpm e1c3d4f1503b249bed939a66997683ab 2010.1/SRPMS/firefox-l10n-3.6.26-0.1mdv2010.2.src.rpm 84b6c4f7d9bad0fb047dc77a18555178 2010.1/SRPMS/gjs-0.6-4.19mdv2010.2.src.rpm c83147dc840efb907942edd41135b848 2010.1/SRPMS/gnome-python-extras-2.25.3-18.19mdv2010.2.src.rpm 920b90b50a796b16206112f961dc4cce 2010.1/SRPMS/mozilla-thunderbird-3.1.18-0.1mdv2010.2.src.rpm 6dacbc05902cee32cc9db2f05b115f1c 2010.1/SRPMS/mozilla-thunderbird-l10n-3.1.18-0.1mdv2010.2.src.rpm 9373ed2d976825c2ea059ebdf793ef68 2010.1/SRPMS/xulrunner-1.9.2.26-0.1mdv2010.2.src.rpm 46befcf6e5c1d1576d011e5a9650d7c1 2010.1/SRPMS/yelp-2.30.1-4.19mdv2010.2.src.rpm Mandriva Linux 2011: 2ef2b0783b5fe6b2f22fadb9ca0a2a7a 2011/i586/firefox-10.0-0.1-mdv2011.0.i586.rpm 53b7c65ff7ad449f34bc64b3ddfada9a 2011/i586/firefox-af-10.0-0.1-mdv2011.0.noarch.rpm bcdd27d2e40bc288ab9e62774b8d4d50 2011/i586/firefox-ar-10.0-0.1-mdv2011.0.noarch.rpm b4025c3a0aa73fce9bda54e4e2b52720 2011/i586/firefox-ast-10.0-0.1-mdv2011.0.noarch.rpm 57d466d05d3f571a014902e32eef54c5 2011/i586/firefox-be-10.0-0.1-mdv2011.0.noarch.rpm e7d2235bada3e07cb5929d17cbff8378 2011/i586/firefox-bg-10.0-0.1-mdv2011.0.noarch.rpm 7263808522930ed83be9c1255e41abe2 2011/i586/firefox-bn-10.0-0.1-mdv2011.0.noarch.rpm fcd57916b163d4166777551f5aafca74 2011/i586/firefox-br-10.0-0.1-mdv2011.0.noarch.rpm 8ba22ec1aad8eee4c310738123d2ad54 2011/i586/firefox-bs-10.0-0.1-mdv2011.0.noarch.rpm fad85edd48ca30c09039adc07673c03b 2011/i586/firefox-ca-10.0-0.1-mdv2011.0.noarch.rpm 2d3ed30a84d03611285c31555bfad898 2011/i586/firefox-cs-10.0-0.1-mdv2011.0.noarch.rpm 9e6e8089767c82753948a8e42c5db8d8 2011/i586/firefox-cy-10.0-0.1-mdv2011.0.noarch.rpm b543a6c0eae030655a4c89463e0cd416 2011/i586/firefox-da-10.0-0.1-mdv2011.0.noarch.rpm 6a03e43e98c1d1d58daf60a18f7ff138 2011/i586/firefox-de-10.0-0.1-mdv2011.0.noarch.rpm 47f48aec5a2fa96bc68325174c634d78 2011/i586/firefox-devel-10.0-0.1-mdv2011.0.i586.rpm d2dbb00d6c982a2b536f817fd1a0bb70 2011/i586/firefox-el-10.0-0.1-mdv2011.0.noarch.rpm efc59565e5d7e82971baf817ecee4383 2011/i586/firefox-en_GB-10.0-0.1-mdv2011.0.noarch.rpm b48c838ed358e734bbbb7728d12f7030 2011/i586/firefox-eo-10.0-0.1-mdv2011.0.noarch.rpm 0c7b8e48c56794f787defffb8ef1cb5a 2011/i586/firefox-es_AR-10.0-0.1-mdv2011.0.noarch.rpm 72bc43badc4c5b5c378c490341ea25e6 2011/i586/firefox-es_ES-10.0-0.1-mdv2011.0.noarch.rpm 0a60c387ce08783151e7ed4294e3e5d2 2011/i586/firefox-et-10.0-0.1-mdv2011.0.noarch.rpm 5a0de575ece9541c35f624c031e271d6 2011/i586/firefox-eu-10.0-0.1-mdv2011.0.noarch.rpm 9dff9072bb3a7941782d8d97c16384f8 2011/i586/firefox-fa-10.0-0.1-mdv2011.0.noarch.rpm abe88e1238e9a4e7fcd4a389992bdf5c 2011/i586/firefox-fi-10.0-0.1-mdv2011.0.noarch.rpm 8abe688203edfb4828a7f5cf68a491a1 2011/i586/firefox-fr-10.0-0.1-mdv2011.0.noarch.rpm 59959c412a50b84c44be6aaee1c5a7c3 2011/i586/firefox-fy-10.0-0.1-mdv2011.0.noarch.rpm c10fba06a5db2e2cfdc3def97b8fa2df 2011/i586/firefox-ga_IE-10.0-0.1-mdv2011.0.noarch.rpm bf1a3dfefee125db98d918fcf73f2569 2011/i586/firefox-gd-10.0-0.1-mdv2011.0.noarch.rpm b19ea1cc2f651262c692f2f4275df062 2011/i586/firefox-gl-10.0-0.1-mdv2011.0.noarch.rpm 7809c796dd48266eb3c68558c38962e8 2011/i586/firefox-gu_IN-10.0-0.1-mdv2011.0.noarch.rpm 0a70f20206f4f27796670517f1f9f69a 2011/i586/firefox-he-10.0-0.1-mdv2011.0.noarch.rpm ab05fde635df0b3114fb41381c546bdc 2011/i586/firefox-hi-10.0-0.1-mdv2011.0.noarch.rpm be02c874bc00e6d4a505829c8272a83e 2011/i586/firefox-hr-10.0-0.1-mdv2011.0.noarch.rpm 9a2048d5d14356e0c16f842a7fab43dc 2011/i586/firefox-hu-10.0-0.1-mdv2011.0.noarch.rpm e0431fbe4e36a3421d9448525c4e6e53 2011/i586/firefox-hy-10.0-0.1-mdv2011.0.noarch.rpm 464ecf390a442541b31480a895f8c2c4 2011/i586/firefox-id-10.0-0.1-mdv2011.0.noarch.rpm 40cbfb2ebd8c050464435a5292c2eebf 2011/i586/firefox-is-10.0-0.1-mdv2011.0.noarch.rpm 1d26cc4a36fa46e9a33995017b02fd39 2011/i586/firefox-it-10.0-0.1-mdv2011.0.noarch.rpm 6252afaeaa8d5fadfce04c85f9142946 2011/i586/firefox-ja-10.0-0.1-mdv2011.0.noarch.rpm b99d09b77786b73f4a04a92b29ca2575 2011/i586/firefox-kk-10.0-0.1-mdv2011.0.noarch.rpm 3e32f6649615167c7ed7e96e9c88ac5b 2011/i586/firefox-kn-10.0-0.1-mdv2011.0.noarch.rpm 464186a083be7355c4be34159aac6766 2011/i586/firefox-ko-10.0-0.1-mdv2011.0.noarch.rpm 375c3a4ece2f9b6d3bdab165162eeeb4 2011/i586/firefox-ku-10.0-0.1-mdv2011.0.noarch.rpm 6356d782dbee477cb45efd29d6aac3ce 2011/i586/firefox-lg-10.0-0.1-mdv2011.0.noarch.rpm 780aa84d06935030c42db48d1a56d0a0 2011/i586/firefox-lt-10.0-0.1-mdv2011.0.noarch.rpm bc58ef17bd68334c22551d6ede90b7f8 2011/i586/firefox-lv-10.0-0.1-mdv2011.0.noarch.rpm fbf745ecc9014631ecfe1f0c6cebb780 2011/i586/firefox-mai-10.0-0.1-mdv2011.0.noarch.rpm b2808a6ca8e75d8152e531f4644fa16f 2011/i586/firefox-mk-10.0-0.1-mdv2011.0.noarch.rpm e5f4ecb98fe3ea9a7793557ca1830943 2011/i586/firefox-ml-10.0-0.1-mdv2011.0.noarch.rpm bcffa1c0d80834d4f03727bde5bf8b8b 2011/i586/firefox-mr-10.0-0.1-mdv2011.0.noarch.rpm a3f0ce052498e7ad68aa83722685cd8e 2011/i586/firefox-nb_NO-10.0-0.1-mdv2011.0.noarch.rpm c016918b272b84f215cff8298b476fe2 2011/i586/firefox-nl-10.0-0.1-mdv2011.0.noarch.rpm 36ca14e82436e4ae13f2dda0532f3151 2011/i586/firefox-nn_NO-10.0-0.1-mdv2011.0.noarch.rpm f37e98bdb0f04b60c4586f507d08a652 2011/i586/firefox-nso-10.0-0.1-mdv2011.0.noarch.rpm dc624c89f9fcc58fd0c7701ce6eca836 2011/i586/firefox-or-10.0-0.1-mdv2011.0.noarch.rpm 6c0ee9f1c4a85c0f0ba198224ceb06d5 2011/i586/firefox-pa_IN-10.0-0.1-mdv2011.0.noarch.rpm 6974fc386ef6a3494fcd4440c1edaa65 2011/i586/firefox-pl-10.0-0.1-mdv2011.0.noarch.rpm 810f81d25c27970305ffc321280df3b0 2011/i586/firefox-pt_BR-10.0-0.1-mdv2011.0.noarch.rpm 9c130e3e115f30bc3dd4027151d8fb5c 2011/i586/firefox-pt_PT-10.0-0.1-mdv2011.0.noarch.rpm af093e147fc32aa07965a4f9b6ceb2ae 2011/i586/firefox-ro-10.0-0.1-mdv2011.0.noarch.rpm e8c8c09441d8494607eb7bc8b1e0aeca 2011/i586/firefox-ru-10.0-0.1-mdv2011.0.noarch.rpm aa622bee10f2ae2673ab96c95616884f 2011/i586/firefox-si-10.0-0.1-mdv2011.0.noarch.rpm b0424a8be5c5962680f75a801ad30171 2011/i586/firefox-sk-10.0-0.1-mdv2011.0.noarch.rpm 1270cdf4ce66bc9c52650295224121be 2011/i586/firefox-sl-10.0-0.1-mdv2011.0.noarch.rpm 7f333532363d4366311e6ae91ed7359b 2011/i586/firefox-sq-10.0-0.1-mdv2011.0.noarch.rpm 2767227826ba5ef3139ad1957a80ad45 2011/i586/firefox-sr-10.0-0.1-mdv2011.0.noarch.rpm 08b40280e7b044fd899cda18e510f545 2011/i586/firefox-sv_SE-10.0-0.1-mdv2011.0.noarch.rpm ffbedb89a973dcbee2dd43b9811d159d 2011/i586/firefox-ta-10.0-0.1-mdv2011.0.noarch.rpm 5ca8b759bf70e698263bf1353ed64e9e 2011/i586/firefox-te-10.0-0.1-mdv2011.0.noarch.rpm 70f01d831ae9a7724b2ba6c3a7d5b161 2011/i586/firefox-th-10.0-0.1-mdv2011.0.noarch.rpm 8c479bb788f45fab942640b7641149fb 2011/i586/firefox-tr-10.0-0.1-mdv2011.0.noarch.rpm 112c5c00f0be9caec09298bbd54f1bdf 2011/i586/firefox-uk-10.0-0.1-mdv2011.0.noarch.rpm 3c3648a9e27e6295b2cc0f3b31d8d07c 2011/i586/firefox-vi-10.0-0.1-mdv2011.0.noarch.rpm e84b7cb7b29f76ac89d5e66e27004715 2011/i586/firefox-zh_CN-10.0-0.1-mdv2011.0.noarch.rpm 00a31de2529389e3d991732bb47ec86c 2011/i586/firefox-zh_TW-10.0-0.1-mdv2011.0.noarch.rpm 95ad19f0d00702a32459d9ae8351af46 2011/i586/firefox-zu-10.0-0.1-mdv2011.0.noarch.rpm 3705b3279bcfb63f52fe353b124615a1 2011/i586/libvpx0-0.9.7-0.1-mdv2011.0.i586.rpm cba0d4bcaf773247d7e3c48c977c4bc7 2011/i586/libvpx-devel-0.9.7-0.1-mdv2011.0.i586.rpm 239dc1188b90f31822e424d2c84e94d8 2011/i586/libvpx-utils-0.9.7-0.1-mdv2011.0.i586.rpm 80352eb02a75417c87caad54545f6187 2011/i586/mozilla-thunderbird-10.0-0.1-mdv2011.0.i586.rpm 242de990be7d77a94ca296c2e621d742 2011/i586/mozilla-thunderbird-ar-10.0-0.1-mdv2011.0.noarch.rpm 0c7732e82e4c2cf81fbce18ccfbe6551 2011/i586/mozilla-thunderbird-ca-10.0-0.1-mdv2011.0.noarch.rpm fbfd99ecdc3b9c0fb8f336628cb3d8ba 2011/i586/mozilla-thunderbird-cs-10.0-0.1-mdv2011.0.noarch.rpm b45114416983d24f042589e504258acb 2011/i586/mozilla-thunderbird-da-10.0-0.1-mdv2011.0.noarch.rpm 56e758b908b66dba10fb2b75e37ce2fe 2011/i586/mozilla-thunderbird-de-10.0-0.1-mdv2011.0.noarch.rpm 765efd0efa2794522a7b734c7d3b81e8 2011/i586/mozilla-thunderbird-en_GB-10.0-0.1-mdv2011.0.noarch.rpm e123576e61efe9142f7d003e9e85a624 2011/i586/mozilla-thunderbird-enigmail-10.0-0.1-mdv2011.0.i586.rpm 1da3a805d04e18324b39792d3c4947de 2011/i586/mozilla-thunderbird-enigmail-ar-10.0-0.1-mdv2011.0.noarch.rpm bb7956526d2fbfca581fa8beae8263cf 2011/i586/mozilla-thunderbird-enigmail-ca-10.0-0.1-mdv2011.0.noarch.rpm f223059c6648a81e3788e94ffdb0684b 2011/i586/mozilla-thunderbird-enigmail-cs-10.0-0.1-mdv2011.0.noarch.rpm fd6de96e60e729e02540d05c99e87bdc 2011/i586/mozilla-thunderbird-enigmail-de-10.0-0.1-mdv2011.0.noarch.rpm aa34c012ab69a00ca8a4b43a05b9752d 2011/i586/mozilla-thunderbird-enigmail-el-10.0-0.1-mdv2011.0.noarch.rpm da7f3a2a27de06f85f5ca3e56792b514 2011/i586/mozilla-thunderbird-enigmail-es-10.0-0.1-mdv2011.0.noarch.rpm 25351aab3d24c5e39f320262330c6f49 2011/i586/mozilla-thunderbird-enigmail-fi-10.0-0.1-mdv2011.0.noarch.rpm 868d4664c81ced880bb5be00a5fc29b1 2011/i586/mozilla-thunderbird-enigmail-fr-10.0-0.1-mdv2011.0.noarch.rpm d680a1e7ae7ec97e16d79d4b4a053749 2011/i586/mozilla-thunderbird-enigmail-it-10.0-0.1-mdv2011.0.noarch.rpm ac1c884917b4be77681bc76cbcee6a60 2011/i586/mozilla-thunderbird-enigmail-ja-10.0-0.1-mdv2011.0.noarch.rpm 6cc041eed5b5f211a0c6e1b65ca536cb 2011/i586/mozilla-thunderbird-enigmail-ko-10.0-0.1-mdv2011.0.noarch.rpm c2dafb9a5105bd8aa253696263bfaa7f 2011/i586/mozilla-thunderbird-enigmail-nb-10.0-0.1-mdv2011.0.noarch.rpm b334b29bf3cdf02cd3e01f214390b32b 2011/i586/mozilla-thunderbird-enigmail-nl-10.0-0.1-mdv2011.0.noarch.rpm b28a60997fd572bdc993e9b03b16448d 2011/i586/mozilla-thunderbird-enigmail-pl-10.0-0.1-mdv2011.0.noarch.rpm 2f1dda86cc544920a61e484fa6b68400 2011/i586/mozilla-thunderbird-enigmail-pt-10.0-0.1-mdv2011.0.noarch.rpm 7952a463340d1ea509cbe4a4bcd03ad4 2011/i586/mozilla-thunderbird-enigmail-pt_BR-10.0-0.1-mdv2011.0.noarch.rpm 4e4fe4cdfad563a7df76417088eaf4df 2011/i586/mozilla-thunderbird-enigmail-ru-10.0-0.1-mdv2011.0.noarch.rpm 3190e292afec294e08331b4a48224537 2011/i586/mozilla-thunderbird-enigmail-sl-10.0-0.1-mdv2011.0.noarch.rpm b19c06cedc6b2e0f529305047ccab917 2011/i586/mozilla-thunderbird-enigmail-sv-10.0-0.1-mdv2011.0.noarch.rpm 8dec5d74b1a0507e5ebeee6fa7db49b0 2011/i586/mozilla-thunderbird-enigmail-tr-10.0-0.1-mdv2011.0.noarch.rpm ae958b0b55ad0c311ca0f94ea7377b13 2011/i586/mozilla-thunderbird-enigmail-vi-10.0-0.1-mdv2011.0.noarch.rpm 6b38ed0e5afa2853ad89f11edaab6e0a 2011/i586/mozilla-thunderbird-enigmail-zh_CN-10.0-0.1-mdv2011.0.noarch.rpm 729001f083edb9ecfbbf7a3eed0ac3f4 2011/i586/mozilla-thunderbird-enigmail-zh_TW-10.0-0.1-mdv2011.0.noarch.rpm 73d153801148398fe31f8efafddd802f 2011/i586/mozilla-thunderbird-es_AR-10.0-0.1-mdv2011.0.noarch.rpm fe2b74b76ca8d228d4143ac1a2a716cd 2011/i586/mozilla-thunderbird-es_ES-10.0-0.1-mdv2011.0.noarch.rpm 7aa24be40ae41bfefa1a3af2f677b6d7 2011/i586/mozilla-thunderbird-et-10.0-0.1-mdv2011.0.noarch.rpm d04834ed8e5c711c1f8bfba6f12b9a35 2011/i586/mozilla-thunderbird-eu-10.0-0.1-mdv2011.0.noarch.rpm a1f916d53559197419259fb456238dde 2011/i586/mozilla-thunderbird-fi-10.0-0.1-mdv2011.0.noarch.rpm 6eb52206986b0fa15b648a0dd671fd70 2011/i586/mozilla-thunderbird-fr-10.0-0.1-mdv2011.0.noarch.rpm 6cf08ca9a5d8ebb49afc0bdef81b2d25 2011/i586/mozilla-thunderbird-fy-10.0-0.1-mdv2011.0.noarch.rpm e2e062b23d7d7125b50c7414b828195b 2011/i586/mozilla-thunderbird-ga-10.0-0.1-mdv2011.0.noarch.rpm ad5adada540fd52433566f8f12d40607 2011/i586/mozilla-thunderbird-gd-10.0-0.1-mdv2011.0.noarch.rpm 59cfaa1890a1264a484a06e8e0832b6f 2011/i586/mozilla-thunderbird-gl-10.0-0.1-mdv2011.0.noarch.rpm d6ec1450ce9bb0a90795a71803c3c152 2011/i586/mozilla-thunderbird-he-10.0-0.1-mdv2011.0.noarch.rpm 1d253c8b55ecc86dfa87876c26097821 2011/i586/mozilla-thunderbird-hu-10.0-0.1-mdv2011.0.noarch.rpm bb75ba0c48df62ad1d77f5a3bdaff860 2011/i586/mozilla-thunderbird-is-10.0-0.1-mdv2011.0.noarch.rpm 32277a51e0504726c9ac35878ede62b9 2011/i586/mozilla-thunderbird-it-10.0-0.1-mdv2011.0.noarch.rpm 3fea1f84d748f5f2dc9625c8b4bf9e9a 2011/i586/mozilla-thunderbird-ja-10.0-0.1-mdv2011.0.noarch.rpm 2195154d032dae06f345fdbad8b6c9fc 2011/i586/mozilla-thunderbird-ko-10.0-0.1-mdv2011.0.noarch.rpm 2f8da3bb07a3347a1dd46783e0726719 2011/i586/mozilla-thunderbird-lightning-10.0-0.1-mdv2011.0.i586.rpm 07ff0afc987beb31e3bca11b05e636d2 2011/i586/mozilla-thunderbird-lt-10.0-0.1-mdv2011.0.noarch.rpm f7c8977575196e90209b1fc448a139e6 2011/i586/mozilla-thunderbird-nb_NO-10.0-0.1-mdv2011.0.noarch.rpm 1daa70d6eaa66eee6e8477db0e3f0bbc 2011/i586/mozilla-thunderbird-nl-10.0-0.1-mdv2011.0.noarch.rpm cb77129787d7442857c406693d575f63 2011/i586/mozilla-thunderbird-nn_NO-10.0-0.1-mdv2011.0.noarch.rpm 7243c7603033174100c934ade60fbdf9 2011/i586/mozilla-thunderbird-pl-10.0-0.1-mdv2011.0.noarch.rpm b36117540225e808ba9fc1ce952bf685 2011/i586/mozilla-thunderbird-pt_BR-10.0-0.1-mdv2011.0.noarch.rpm 1afc379b993d979446b84cd84c20aaa6 2011/i586/mozilla-thunderbird-pt_PT-10.0-0.1-mdv2011.0.noarch.rpm 426cdf733a03bf8d7c6b286513d97d47 2011/i586/mozilla-thunderbird-ru-10.0-0.1-mdv2011.0.noarch.rpm 47c506599be1f8b4ee693abb91744d61 2011/i586/mozilla-thunderbird-si-10.0-0.1-mdv2011.0.noarch.rpm 712099e70369ef38f8484c2b0bc8c299 2011/i586/mozilla-thunderbird-sk-10.0-0.1-mdv2011.0.noarch.rpm b83b828d756b41e409e474904efc5988 2011/i586/mozilla-thunderbird-sl-10.0-0.1-mdv2011.0.noarch.rpm 511be78124e0c597ced42c6d7022f4db 2011/i586/mozilla-thunderbird-sq-10.0-0.1-mdv2011.0.noarch.rpm bfc85e716d93dd4918478035520724d7 2011/i586/mozilla-thunderbird-sv_SE-10.0-0.1-mdv2011.0.noarch.rpm 6a18f19e126e9a31074e1d4d0b2cea97 2011/i586/mozilla-thunderbird-tr-10.0-0.1-mdv2011.0.noarch.rpm dcf00993521a3df48faabec8a3268296 2011/i586/mozilla-thunderbird-uk-10.0-0.1-mdv2011.0.noarch.rpm db21a55b562aa484505d41255ca041a4 2011/i586/mozilla-thunderbird-zh_TW-10.0-0.1-mdv2011.0.noarch.rpm 69b9923a08bf82d1f3e3403b50aa0094 2011/i586/nsinstall-10.0-0.1-mdv2011.0.i586.rpm 5709443eb29dc40be156cb04d8bf3571 2011/SRPMS/firefox-10.0-0.1.src.rpm f65175c37626cc24b2979c1fd7cdeece 2011/SRPMS/firefox-l10n-10.0-0.1.src.rpm 4f8e6df8c5d8d05a9742987ac3ce70d0 2011/SRPMS/libvpx-0.9.7-0.1.src.rpm dab0ed417e92b95cb9303aee6e31e737 2011/SRPMS/mozilla-thunderbird-10.0-0.1.src.rpm 56cfb4da5791221482bf22331a39cac4 2011/SRPMS/mozilla-thunderbird-l10n-10.0-0.1.src.rpm Mandriva Linux 2011/X86_64: 78e41df1b1d8a52b4ba7cd97dfb4a3c7 2011/x86_64/firefox-10.0-0.1-mdv2011.0.x86_64.rpm 1f1e64bd2314998250f55bc007164f96 2011/x86_64/firefox-af-10.0-0.1-mdv2011.0.noarch.rpm 0bc14a16850fc54343ebb3939199b737 2011/x86_64/firefox-ar-10.0-0.1-mdv2011.0.noarch.rpm ccc268f603d714a18d0d2898d9812350 2011/x86_64/firefox-ast-10.0-0.1-mdv2011.0.noarch.rpm bd9b01ae393e780e7f29c968179493ab 2011/x86_64/firefox-be-10.0-0.1-mdv2011.0.noarch.rpm fdee58c6402c490ed48effcd2b4a94e3 2011/x86_64/firefox-bg-10.0-0.1-mdv2011.0.noarch.rpm cae288aa488bed1edb57f5fc8e2e3b4d 2011/x86_64/firefox-bn-10.0-0.1-mdv2011.0.noarch.rpm 8bd8974b2b9c4da657d6b9fe0a07639c 2011/x86_64/firefox-br-10.0-0.1-mdv2011.0.noarch.rpm 9d6ffc0a9153882209ad83aa5ed2884c 2011/x86_64/firefox-bs-10.0-0.1-mdv2011.0.noarch.rpm b054b53998254c4aa2b7db4f0795142b 2011/x86_64/firefox-ca-10.0-0.1-mdv2011.0.noarch.rpm dff1b366b2d5fafd22cb7781233f077d 2011/x86_64/firefox-cs-10.0-0.1-mdv2011.0.noarch.rpm bedca2bb8196b6efce44210cb9127bab 2011/x86_64/firefox-cy-10.0-0.1-mdv2011.0.noarch.rpm df8bd7f5d669e7520ea3c1f0c7e6cd6d 2011/x86_64/firefox-da-10.0-0.1-mdv2011.0.noarch.rpm 96b25801ac9857ea6ab107e8e4d42a0e 2011/x86_64/firefox-de-10.0-0.1-mdv2011.0.noarch.rpm 75e8e073161708de5f332a44dfe7318d 2011/x86_64/firefox-devel-10.0-0.1-mdv2011.0.x86_64.rpm 4e21b924caaf0ea69e5ac6abfacc4494 2011/x86_64/firefox-el-10.0-0.1-mdv2011.0.noarch.rpm 209897dca35df99ad184d464abb6db87 2011/x86_64/firefox-en_GB-10.0-0.1-mdv2011.0.noarch.rpm d8d5307b925bac8f721f2fbbe2017f79 2011/x86_64/firefox-eo-10.0-0.1-mdv2011.0.noarch.rpm a96d8c1898e233139e094a1d92558578 2011/x86_64/firefox-es_AR-10.0-0.1-mdv2011.0.noarch.rpm 60d3b9730ee40fdb4893ff624904deb7 2011/x86_64/firefox-es_ES-10.0-0.1-mdv2011.0.noarch.rpm 5da8af881ebf88c7474fb24a54da49a5 2011/x86_64/firefox-et-10.0-0.1-mdv2011.0.noarch.rpm be70b4fb790ceb765d3359fead9d4924 2011/x86_64/firefox-eu-10.0-0.1-mdv2011.0.noarch.rpm 19a095371c686df2cdd6d0fe2bb085b0 2011/x86_64/firefox-fa-10.0-0.1-mdv2011.0.noarch.rpm 68be7da6044d1e0dfc9fbab65e3a81f7 2011/x86_64/firefox-fi-10.0-0.1-mdv2011.0.noarch.rpm b32813d4677a4b37311a7991903465ce 2011/x86_64/firefox-fr-10.0-0.1-mdv2011.0.noarch.rpm c5cb18124904f5dee045dbea1fda754d 2011/x86_64/firefox-fy-10.0-0.1-mdv2011.0.noarch.rpm e160a6b8eff10d6d19c00175084860da 2011/x86_64/firefox-ga_IE-10.0-0.1-mdv2011.0.noarch.rpm 005bfc9f0ec5c0eb2e0bb48b6525d507 2011/x86_64/firefox-gd-10.0-0.1-mdv2011.0.noarch.rpm 7a5aead27ca544c08e522f3332288da5 2011/x86_64/firefox-gl-10.0-0.1-mdv2011.0.noarch.rpm 5c083acba3c29c13c9d06866a4444bc6 2011/x86_64/firefox-gu_IN-10.0-0.1-mdv2011.0.noarch.rpm b940b7b18f72b7b6e8a67d4d13823191 2011/x86_64/firefox-he-10.0-0.1-mdv2011.0.noarch.rpm fbca8240fd2d8e6173c3f641023d9adf 2011/x86_64/firefox-hi-10.0-0.1-mdv2011.0.noarch.rpm c937397cb6be79f9a5571248f8bdbedb 2011/x86_64/firefox-hr-10.0-0.1-mdv2011.0.noarch.rpm c228371cec513004b4daf77b3f209d73 2011/x86_64/firefox-hu-10.0-0.1-mdv2011.0.noarch.rpm c1198149f9baaa12778964d584b56aeb 2011/x86_64/firefox-hy-10.0-0.1-mdv2011.0.noarch.rpm 0fff4c143102a3e122219ecda170ff79 2011/x86_64/firefox-id-10.0-0.1-mdv2011.0.noarch.rpm fd2b09a21c76806e1b39b85b88be02d2 2011/x86_64/firefox-is-10.0-0.1-mdv2011.0.noarch.rpm 959ea017dba159bfc105a5656ff44fef 2011/x86_64/firefox-it-10.0-0.1-mdv2011.0.noarch.rpm 25dc3765749c0b0f3dd3c93827ec8944 2011/x86_64/firefox-ja-10.0-0.1-mdv2011.0.noarch.rpm 8d673014392ecf215ad90d14521f04ba 2011/x86_64/firefox-kk-10.0-0.1-mdv2011.0.noarch.rpm 6da1e080d72b4b3911524f010b4da743 2011/x86_64/firefox-kn-10.0-0.1-mdv2011.0.noarch.rpm e7ded7caa4e64dd9e668068bb99ca3af 2011/x86_64/firefox-ko-10.0-0.1-mdv2011.0.noarch.rpm 7c65f74d07dfba690ef08b9bfb3d2441 2011/x86_64/firefox-ku-10.0-0.1-mdv2011.0.noarch.rpm 45e1715c19e572e3676dd49f5d26fbd3 2011/x86_64/firefox-lg-10.0-0.1-mdv2011.0.noarch.rpm 9b365a111dc28e276c6f04a0e8c49dd7 2011/x86_64/firefox-lt-10.0-0.1-mdv2011.0.noarch.rpm 5daac039cfda92440c1062e8152c31cb 2011/x86_64/firefox-lv-10.0-0.1-mdv2011.0.noarch.rpm 4d2f653e3137189599eb5e14bf07cbd1 2011/x86_64/firefox-mai-10.0-0.1-mdv2011.0.noarch.rpm 87f34223a494ad31e4a449e74854b725 2011/x86_64/firefox-mk-10.0-0.1-mdv2011.0.noarch.rpm e1c504d5b53e0316ca4e71196a5865b6 2011/x86_64/firefox-ml-10.0-0.1-mdv2011.0.noarch.rpm f6bb57c05ddc901968d813584df10ac3 2011/x86_64/firefox-mr-10.0-0.1-mdv2011.0.noarch.rpm 997514cfa5468e19722b54ad7a1b1534 2011/x86_64/firefox-nb_NO-10.0-0.1-mdv2011.0.noarch.rpm 0526532a8962e3907f4ac242e5810d96 2011/x86_64/firefox-nl-10.0-0.1-mdv2011.0.noarch.rpm 7d48fb7458b11595b36ca40771e0eed1 2011/x86_64/firefox-nn_NO-10.0-0.1-mdv2011.0.noarch.rpm 4093b90baeea64b53ede53b22dcf34fb 2011/x86_64/firefox-nso-10.0-0.1-mdv2011.0.noarch.rpm a8d4a5200d8d7dac3da6c49561cd7528 2011/x86_64/firefox-or-10.0-0.1-mdv2011.0.noarch.rpm bf81b9a6ec6784de87a548edcac00a5d 2011/x86_64/firefox-pa_IN-10.0-0.1-mdv2011.0.noarch.rpm 3f953a94e93a128fe073ba53e519cded 2011/x86_64/firefox-pl-10.0-0.1-mdv2011.0.noarch.rpm 2f2d4cfb34753bcabc8bae6bb8002490 2011/x86_64/firefox-pt_BR-10.0-0.1-mdv2011.0.noarch.rpm e30d1d7859f54368328f121665611312 2011/x86_64/firefox-pt_PT-10.0-0.1-mdv2011.0.noarch.rpm b234b499b932420af1b7f8d5d4395b35 2011/x86_64/firefox-ro-10.0-0.1-mdv2011.0.noarch.rpm 3cf0e167bd35483e2a633ef844b720de 2011/x86_64/firefox-ru-10.0-0.1-mdv2011.0.noarch.rpm 25f337e5cf90f9db607e740561e03d77 2011/x86_64/firefox-si-10.0-0.1-mdv2011.0.noarch.rpm efb4f1d5b217d2e02d86843a70d59d04 2011/x86_64/firefox-sk-10.0-0.1-mdv2011.0.noarch.rpm 6df8062cbbcf91d603c692987ea871fb 2011/x86_64/firefox-sl-10.0-0.1-mdv2011.0.noarch.rpm 77049b8060b6050f3652fa23a811374b 2011/x86_64/firefox-sq-10.0-0.1-mdv2011.0.noarch.rpm 4da7eb36550ace6002729089fb238d07 2011/x86_64/firefox-sr-10.0-0.1-mdv2011.0.noarch.rpm dea4d50754c5e110503e77c1b638006f 2011/x86_64/firefox-sv_SE-10.0-0.1-mdv2011.0.noarch.rpm af29943efd1fbe18dae0e5357925366b 2011/x86_64/firefox-ta-10.0-0.1-mdv2011.0.noarch.rpm 2585ac58b00196054b19af271f57e363 2011/x86_64/firefox-te-10.0-0.1-mdv2011.0.noarch.rpm 57bcde00b9db6542e0e1cec8297ed1c7 2011/x86_64/firefox-th-10.0-0.1-mdv2011.0.noarch.rpm 9f3d675965e6d1e24f596ce5ddfd5f20 2011/x86_64/firefox-tr-10.0-0.1-mdv2011.0.noarch.rpm 57d5dd8514fc8d8de25ee77642700a28 2011/x86_64/firefox-uk-10.0-0.1-mdv2011.0.noarch.rpm 15d4b5ca9b923fdea9bb87b6f29ada7f 2011/x86_64/firefox-vi-10.0-0.1-mdv2011.0.noarch.rpm 228794d3de7b9e90eab3506a56e236e8 2011/x86_64/firefox-zh_CN-10.0-0.1-mdv2011.0.noarch.rpm c756e653da24129f46021ee764713c59 2011/x86_64/firefox-zh_TW-10.0-0.1-mdv2011.0.noarch.rpm 827921cb16e669f86b050ed23a65a4c3 2011/x86_64/firefox-zu-10.0-0.1-mdv2011.0.noarch.rpm c9aaafb427005ee6b024de87d0707fc8 2011/x86_64/lib64vpx0-0.9.7-0.1-mdv2011.0.x86_64.rpm 67bbc44c9b341607189340cfbe8a3887 2011/x86_64/lib64vpx-devel-0.9.7-0.1-mdv2011.0.x86_64.rpm 8730879001a5293b0d4efa430eb648ea 2011/x86_64/libvpx-utils-0.9.7-0.1-mdv2011.0.x86_64.rpm 5b1eaa7e7631f9a2ec0699cf4127a745 2011/x86_64/mozilla-thunderbird-10.0-0.1-mdv2011.0.x86_64.rpm 03cb6a5b7279e17bb7616d1b6fa882e1 2011/x86_64/mozilla-thunderbird-ar-10.0-0.1-mdv2011.0.noarch.rpm 4949bdef38c79cae44b3b6d089f817b8 2011/x86_64/mozilla-thunderbird-ca-10.0-0.1-mdv2011.0.noarch.rpm ed9ff9ad57eada494921833592b40fdc 2011/x86_64/mozilla-thunderbird-cs-10.0-0.1-mdv2011.0.noarch.rpm 287616de2cf473c791e8440cd42b5c09 2011/x86_64/mozilla-thunderbird-da-10.0-0.1-mdv2011.0.noarch.rpm 525065ec12940d1ba528bfa180b28b43 2011/x86_64/mozilla-thunderbird-de-10.0-0.1-mdv2011.0.noarch.rpm 6262c571caf4fa3f6b18829f43fa1afc 2011/x86_64/mozilla-thunderbird-en_GB-10.0-0.1-mdv2011.0.noarch.rpm 6f712a3e1434d061605132e64fa39fe0 2011/x86_64/mozilla-thunderbird-enigmail-10.0-0.1-mdv2011.0.x86_64.rpm d0f57ff77456ced18c231612aace7387 2011/x86_64/mozilla-thunderbird-enigmail-ar-10.0-0.1-mdv2011.0.noarch.rpm fac97247bf314651af3fb541d082a75e 2011/x86_64/mozilla-thunderbird-enigmail-ca-10.0-0.1-mdv2011.0.noarch.rpm c999b37e31b7c34a10be5c5de7ed3eef 2011/x86_64/mozilla-thunderbird-enigmail-cs-10.0-0.1-mdv2011.0.noarch.rpm f3635eae149bf1ece5e1cbd4c0294ec0 2011/x86_64/mozilla-thunderbird-enigmail-de-10.0-0.1-mdv2011.0.noarch.rpm 409e89a7eb4016007058e05a66da7ea5 2011/x86_64/mozilla-thunderbird-enigmail-el-10.0-0.1-mdv2011.0.noarch.rpm 0e1cb664a57d9b554e42a2a28b7f5c5b 2011/x86_64/mozilla-thunderbird-enigmail-es-10.0-0.1-mdv2011.0.noarch.rpm 00a5b132d60711716c74d9d8f32317c5 2011/x86_64/mozilla-thunderbird-enigmail-fi-10.0-0.1-mdv2011.0.noarch.rpm a124965fb6a7d036afb6e990ce172848 2011/x86_64/mozilla-thunderbird-enigmail-fr-10.0-0.1-mdv2011.0.noarch.rpm d05e9115086ede87c4fc26b09928de42 2011/x86_64/mozilla-thunderbird-enigmail-it-10.0-0.1-mdv2011.0.noarch.rpm 882851476d2915b83299be13d5583b03 2011/x86_64/mozilla-thunderbird-enigmail-ja-10.0-0.1-mdv2011.0.noarch.rpm ecc8fdc80eb731d7b8899e8683afdfd1 2011/x86_64/mozilla-thunderbird-enigmail-ko-10.0-0.1-mdv2011.0.noarch.rpm f7ce3e0987bbb9dfcd559dca378c32f7 2011/x86_64/mozilla-thunderbird-enigmail-nb-10.0-0.1-mdv2011.0.noarch.rpm 203ed7069dc0d4d7555a2a71f27a5ab4 2011/x86_64/mozilla-thunderbird-enigmail-nl-10.0-0.1-mdv2011.0.noarch.rpm 98fd2dd34bb1bccc5d941cf323633ab9 2011/x86_64/mozilla-thunderbird-enigmail-pl-10.0-0.1-mdv2011.0.noarch.rpm 2a0984fd72a3cb3926c57b91c9422463 2011/x86_64/mozilla-thunderbird-enigmail-pt-10.0-0.1-mdv2011.0.noarch.rpm 8aabda7ddfe0830c08f8eeecbe18df55 2011/x86_64/mozilla-thunderbird-enigmail-pt_BR-10.0-0.1-mdv2011.0.noarch.rpm 602c2f8510d5b80fc23d3440822cade0 2011/x86_64/mozilla-thunderbird-enigmail-ru-10.0-0.1-mdv2011.0.noarch.rpm 77510f1095f18d83c7c398f8850b3233 2011/x86_64/mozilla-thunderbird-enigmail-sl-10.0-0.1-mdv2011.0.noarch.rpm 3efe3169159b0cec2c73908635fef648 2011/x86_64/mozilla-thunderbird-enigmail-sv-10.0-0.1-mdv2011.0.noarch.rpm 5d4f8b2f54bd285880851afc0bf1817e 2011/x86_64/mozilla-thunderbird-enigmail-tr-10.0-0.1-mdv2011.0.noarch.rpm c0566f6d1e6c358f1f2e558b896835ba 2011/x86_64/mozilla-thunderbird-enigmail-vi-10.0-0.1-mdv2011.0.noarch.rpm df7e0af69d02e02f9993c8159ecc3299 2011/x86_64/mozilla-thunderbird-enigmail-zh_CN-10.0-0.1-mdv2011.0.noarch.rpm a0d34ad295a54ea21e9ee68281a2d729 2011/x86_64/mozilla-thunderbird-enigmail-zh_TW-10.0-0.1-mdv2011.0.noarch.rpm e80ff1a7c673414e71a365bfb4092864 2011/x86_64/mozilla-thunderbird-es_AR-10.0-0.1-mdv2011.0.noarch.rpm 12a0a484d3480b6bfd4582dc73dcb984 2011/x86_64/mozilla-thunderbird-es_ES-10.0-0.1-mdv2011.0.noarch.rpm ad80dc35c0b1380eac078914249582fa 2011/x86_64/mozilla-thunderbird-et-10.0-0.1-mdv2011.0.noarch.rpm cd8ce9b09045275801eabda2c0cae353 2011/x86_64/mozilla-thunderbird-eu-10.0-0.1-mdv2011.0.noarch.rpm 4a57bcae7ffea9a23f09e7898bf334e0 2011/x86_64/mozilla-thunderbird-fi-10.0-0.1-mdv2011.0.noarch.rpm ce4fa5e1f9ad750ffbdcf5629063a7bc 2011/x86_64/mozilla-thunderbird-fr-10.0-0.1-mdv2011.0.noarch.rpm 89e98b79fbe7caed845350caf271addb 2011/x86_64/mozilla-thunderbird-fy-10.0-0.1-mdv2011.0.noarch.rpm e3d233fbf25534cef61a2b7db5f91c67 2011/x86_64/mozilla-thunderbird-ga-10.0-0.1-mdv2011.0.noarch.rpm 84567f9dc4b6bc019425220f75398ca9 2011/x86_64/mozilla-thunderbird-gd-10.0-0.1-mdv2011.0.noarch.rpm f53a8750134cd0073bfb96d178f10e7c 2011/x86_64/mozilla-thunderbird-gl-10.0-0.1-mdv2011.0.noarch.rpm 82a87ba73aca9681ee4e4793c23e9fbe 2011/x86_64/mozilla-thunderbird-he-10.0-0.1-mdv2011.0.noarch.rpm 9f572022ae5f45006c1aa65c474bd8d2 2011/x86_64/mozilla-thunderbird-hu-10.0-0.1-mdv2011.0.noarch.rpm fefecba1619f37253c5378b7d38bfd55 2011/x86_64/mozilla-thunderbird-is-10.0-0.1-mdv2011.0.noarch.rpm 66c377e53df55aa8c56710329e10f1b8 2011/x86_64/mozilla-thunderbird-it-10.0-0.1-mdv2011.0.noarch.rpm 21458465c7f684c4556af84f0709b03f 2011/x86_64/mozilla-thunderbird-ja-10.0-0.1-mdv2011.0.noarch.rpm 09bb8c6279d080a2c5f1354c1da738fa 2011/x86_64/mozilla-thunderbird-ko-10.0-0.1-mdv2011.0.noarch.rpm 044602b3130345d29d640dc470b8a67d 2011/x86_64/mozilla-thunderbird-lightning-10.0-0.1-mdv2011.0.x86_64.rpm 498b906e203c1eda029af3986bbc7d26 2011/x86_64/mozilla-thunderbird-lt-10.0-0.1-mdv2011.0.noarch.rpm 74faaa420e2402b15155386ca3b454b2 2011/x86_64/mozilla-thunderbird-nb_NO-10.0-0.1-mdv2011.0.noarch.rpm 1a78974dc2b726b5b6a4b252be2a8484 2011/x86_64/mozilla-thunderbird-nl-10.0-0.1-mdv2011.0.noarch.rpm cbda817f8a3fdf27db63e77a1b3faba1 2011/x86_64/mozilla-thunderbird-nn_NO-10.0-0.1-mdv2011.0.noarch.rpm ab09946d29726d303e251d90cca1a488 2011/x86_64/mozilla-thunderbird-pl-10.0-0.1-mdv2011.0.noarch.rpm a981bd917b73f4c1ec36f437f46e9fc5 2011/x86_64/mozilla-thunderbird-pt_BR-10.0-0.1-mdv2011.0.noarch.rpm 7cccc189d9282e8189dd9a1b6885aace 2011/x86_64/mozilla-thunderbird-pt_PT-10.0-0.1-mdv2011.0.noarch.rpm fc7e127ad013aa10253eebffe9b36f7e 2011/x86_64/mozilla-thunderbird-ru-10.0-0.1-mdv2011.0.noarch.rpm 03d8ca42fd8c0b44a933aa6645849d68 2011/x86_64/mozilla-thunderbird-si-10.0-0.1-mdv2011.0.noarch.rpm facd2a4923fcf4c48d315eb2e4c85d80 2011/x86_64/mozilla-thunderbird-sk-10.0-0.1-mdv2011.0.noarch.rpm 677eb9dead1ed2f84035716289bd4474 2011/x86_64/mozilla-thunderbird-sl-10.0-0.1-mdv2011.0.noarch.rpm 40ce0e7165021eadf9cdee63e2df2d6e 2011/x86_64/mozilla-thunderbird-sq-10.0-0.1-mdv2011.0.noarch.rpm c20c5baccc9227afa08dca27ba10e593 2011/x86_64/mozilla-thunderbird-sv_SE-10.0-0.1-mdv2011.0.noarch.rpm 02cb872d66fd1ece7b1a8be9a0584703 2011/x86_64/mozilla-thunderbird-tr-10.0-0.1-mdv2011.0.noarch.rpm 79fdc44d21d7c5f4effa9604206902ff 2011/x86_64/mozilla-thunderbird-uk-10.0-0.1-mdv2011.0.noarch.rpm 30e9760725d6afa3e060c2468679f1bb 2011/x86_64/mozilla-thunderbird-zh_TW-10.0-0.1-mdv2011.0.noarch.rpm 9109ce712ebdfa3e9ada1d97df53e107 2011/x86_64/nsinstall-10.0-0.1-mdv2011.0.x86_64.rpm 5709443eb29dc40be156cb04d8bf3571 2011/SRPMS/firefox-10.0-0.1.src.rpm f65175c37626cc24b2979c1fd7cdeece 2011/SRPMS/firefox-l10n-10.0-0.1.src.rpm 4f8e6df8c5d8d05a9742987ac3ce70d0 2011/SRPMS/libvpx-0.9.7-0.1.src.rpm dab0ed417e92b95cb9303aee6e31e737 2011/SRPMS/mozilla-thunderbird-10.0-0.1.src.rpm 56cfb4da5791221482bf22331a39cac4 2011/SRPMS/mozilla-thunderbird-l10n-10.0-0.1.src.rpm Mandriva Enterprise Server 5: a1f5dd4a6bb18744ef236e8cd96611e5 mes5/i586/firefox-3.6.26-0.1mdvmes5.2.i586.rpm 1609e64b040e7162069fa5cd048f1940 mes5/i586/firefox-af-3.6.26-0.1mdvmes5.2.i586.rpm a3638dbd9d97b38dd3c2b696aa927e13 mes5/i586/firefox-ar-3.6.26-0.1mdvmes5.2.i586.rpm 4990b849b97d10f145f5c1985338fe61 mes5/i586/firefox-be-3.6.26-0.1mdvmes5.2.i586.rpm 449a1e770c928dc819349a2ca97120f5 mes5/i586/firefox-bg-3.6.26-0.1mdvmes5.2.i586.rpm b02e745e8260f3f9a3913495741ce7a5 mes5/i586/firefox-bn-3.6.26-0.1mdvmes5.2.i586.rpm 2b9ce7f81d28d3f5a8407dd18b9415f7 mes5/i586/firefox-ca-3.6.26-0.1mdvmes5.2.i586.rpm 3315c929c364188cad5d950087ba5cf7 mes5/i586/firefox-cs-3.6.26-0.1mdvmes5.2.i586.rpm 0b205dcf6c9b3d40a43791ba4b2f6c46 mes5/i586/firefox-cy-3.6.26-0.1mdvmes5.2.i586.rpm f7564cf4dc5957bf27571db340854ea1 mes5/i586/firefox-da-3.6.26-0.1mdvmes5.2.i586.rpm 22b25c4c6167e55e94b457d4c3203143 mes5/i586/firefox-de-3.6.26-0.1mdvmes5.2.i586.rpm f0ff7946c2210d7e04e2f374b88d8ff5 mes5/i586/firefox-devel-3.6.26-0.1mdvmes5.2.i586.rpm 938afaad5110823892b65c74897510eb mes5/i586/firefox-el-3.6.26-0.1mdvmes5.2.i586.rpm 1b834b5ecb2e1687ea5d6d4fec1ce86d mes5/i586/firefox-en_GB-3.6.26-0.1mdvmes5.2.i586.rpm 32b2d066f7bdae6868ac5872697d0edf mes5/i586/firefox-eo-3.6.26-0.1mdvmes5.2.i586.rpm 5a1962bdd7516928641a63063cd44d47 mes5/i586/firefox-es_AR-3.6.26-0.1mdvmes5.2.i586.rpm 67a1c15b3f70ba5aa00481dfa3cb4cd9 mes5/i586/firefox-es_ES-3.6.26-0.1mdvmes5.2.i586.rpm cc5cefe9e47fb3256825b00293947373 mes5/i586/firefox-et-3.6.26-0.1mdvmes5.2.i586.rpm 180f380a025185eb5c43513d09f89577 mes5/i586/firefox-eu-3.6.26-0.1mdvmes5.2.i586.rpm 38e4c8c3fca4fb699319227f5fa9463c mes5/i586/firefox-fi-3.6.26-0.1mdvmes5.2.i586.rpm 05f19ab570cf204dfc93fe4c92b6b530 mes5/i586/firefox-fr-3.6.26-0.1mdvmes5.2.i586.rpm 7a555df570b9d41b5393b9918ea31097 mes5/i586/firefox-fy-3.6.26-0.1mdvmes5.2.i586.rpm 2aa6cdfebbe13cf6dd76d1699c9eaf7e mes5/i586/firefox-ga_IE-3.6.26-0.1mdvmes5.2.i586.rpm 17937dbeda3a34d5f38a1400b2c32c3a mes5/i586/firefox-gl-3.6.26-0.1mdvmes5.2.i586.rpm 46bc32cc5d8b538a62c60f4da42c7fba mes5/i586/firefox-gu_IN-3.6.26-0.1mdvmes5.2.i586.rpm c941071dbae9d6fcf02c73fff4e86967 mes5/i586/firefox-he-3.6.26-0.1mdvmes5.2.i586.rpm 94c42fb020f0714a5eaf97f48fa5dd42 mes5/i586/firefox-hi-3.6.26-0.1mdvmes5.2.i586.rpm 21ce0490dab3911694a599d8c2cb0245 mes5/i586/firefox-hu-3.6.26-0.1mdvmes5.2.i586.rpm d064c193beb91b38bd2a5fc6ccf786fe mes5/i586/firefox-id-3.6.26-0.1mdvmes5.2.i586.rpm cd99fd5cc940c3775bdf97bd1bdcee4a mes5/i586/firefox-is-3.6.26-0.1mdvmes5.2.i586.rpm a1849e605d18e7395f2b1b01a1151350 mes5/i586/firefox-it-3.6.26-0.1mdvmes5.2.i586.rpm 4d73467450db898d6cee06048bf1bbd5 mes5/i586/firefox-ja-3.6.26-0.1mdvmes5.2.i586.rpm c5c067652bcab5b77f783ade8141ad67 mes5/i586/firefox-ka-3.6.26-0.1mdvmes5.2.i586.rpm 9d9d40e72a893336d15836169e970340 mes5/i586/firefox-kn-3.6.26-0.1mdvmes5.2.i586.rpm 3a16e829c6731eba4904078b9f9532ce mes5/i586/firefox-ko-3.6.26-0.1mdvmes5.2.i586.rpm f6d972641b11324c15ffbe0e694b00bc mes5/i586/firefox-ku-3.6.26-0.1mdvmes5.2.i586.rpm 1a3177e54df58ff3dc6391c495ba64a8 mes5/i586/firefox-lt-3.6.26-0.1mdvmes5.2.i586.rpm b2d926bdfa3deb27b851cb223a9594ba mes5/i586/firefox-lv-3.6.26-0.1mdvmes5.2.i586.rpm 05ace41f355749062555017cccaabea9 mes5/i586/firefox-mk-3.6.26-0.1mdvmes5.2.i586.rpm b092c768c2176c4663857cd451cb0024 mes5/i586/firefox-mr-3.6.26-0.1mdvmes5.2.i586.rpm 6836982b198ab7aee2774a891df72dbf mes5/i586/firefox-nb_NO-3.6.26-0.1mdvmes5.2.i586.rpm dfab0c02f7a55f86d3782ee493cfb02e mes5/i586/firefox-nl-3.6.26-0.1mdvmes5.2.i586.rpm e286914012e2f9182844d3d82185e94f mes5/i586/firefox-nn_NO-3.6.26-0.1mdvmes5.2.i586.rpm 3772ceafb6c3fd0b3006222b1826a7fb mes5/i586/firefox-oc-3.6.26-0.1mdvmes5.2.i586.rpm dd0311dcbb17de1438280b15edf77025 mes5/i586/firefox-pa_IN-3.6.26-0.1mdvmes5.2.i586.rpm b09f1e560dd8bc64ee8f927df3adad18 mes5/i586/firefox-pl-3.6.26-0.1mdvmes5.2.i586.rpm 781e96566d8e955cec6078549ecfb426 mes5/i586/firefox-pt_BR-3.6.26-0.1mdvmes5.2.i586.rpm 84ee06c23bd01dd0a9c9652650f2ad80 mes5/i586/firefox-pt_PT-3.6.26-0.1mdvmes5.2.i586.rpm 9bbdb8298a63a7f35927e1382445814c mes5/i586/firefox-ro-3.6.26-0.1mdvmes5.2.i586.rpm cec176421fd009837afeab1a592df21a mes5/i586/firefox-ru-3.6.26-0.1mdvmes5.2.i586.rpm 67bf88d831056e2431d175e5f9d2f259 mes5/i586/firefox-si-3.6.26-0.1mdvmes5.2.i586.rpm 819575c330406aa57d1445d9d41653ee mes5/i586/firefox-sk-3.6.26-0.1mdvmes5.2.i586.rpm 889909d06a86da0f37f30a15c0d06713 mes5/i586/firefox-sl-3.6.26-0.1mdvmes5.2.i586.rpm 4d0c9c5e9a6ce44572107a969c14a5f4 mes5/i586/firefox-sq-3.6.26-0.1mdvmes5.2.i586.rpm cedbf297a630a5b6277926af6bf483b2 mes5/i586/firefox-sr-3.6.26-0.1mdvmes5.2.i586.rpm 8064f77dcb30f6d525e7d730d0d010c6 mes5/i586/firefox-sv_SE-3.6.26-0.1mdvmes5.2.i586.rpm 447d83be25985684a792761bfba2c2f3 mes5/i586/firefox-te-3.6.26-0.1mdvmes5.2.i586.rpm 39140662e473f6ed5dc2ec222fc49065 mes5/i586/firefox-th-3.6.26-0.1mdvmes5.2.i586.rpm aacb91c0c58e02730042bbe26795b70f mes5/i586/firefox-tr-3.6.26-0.1mdvmes5.2.i586.rpm 277fa8b741c3fcfd2eda61f128ff8fa6 mes5/i586/firefox-uk-3.6.26-0.1mdvmes5.2.i586.rpm 612ab6c5222059e45bc08bda7097bc78 mes5/i586/firefox-zh_CN-3.6.26-0.1mdvmes5.2.i586.rpm 7fced953b90507f8dd0c25f7c8443c9d mes5/i586/firefox-zh_TW-3.6.26-0.1mdvmes5.2.i586.rpm ffc78b91d0a957d94cee609b55fa7ab7 mes5/i586/gnome-python-extras-2.19.1-20.35mdvmes5.2.i586.rpm 7d6c3a49866704980c4ea79fb3dcd3f4 mes5/i586/gnome-python-gda-2.19.1-20.35mdvmes5.2.i586.rpm b4b087d262ef4a9ba5a25b39a7659795 mes5/i586/gnome-python-gda-devel-2.19.1-20.35mdvmes5.2.i586.rpm 07f8625eabaa516c67e09727db4c6634 mes5/i586/gnome-python-gdl-2.19.1-20.35mdvmes5.2.i586.rpm 205d2dc92905f3a9f0fd07e253b6c4c3 mes5/i586/gnome-python-gtkhtml2-2.19.1-20.35mdvmes5.2.i586.rpm 171594d4524cc80cb9bf1c573d09354f mes5/i586/gnome-python-gtkmozembed-2.19.1-20.35mdvmes5.2.i586.rpm f2c144aa8ecb8fc653c4dfd11e645647 mes5/i586/gnome-python-gtkspell-2.19.1-20.35mdvmes5.2.i586.rpm b69582b58abf1d4a230351256ec4ea76 mes5/i586/libxulrunner1.9.2.26-1.9.2.26-0.1mdvmes5.2.i586.rpm dcd30814347a9385da998e01502b4a6f mes5/i586/libxulrunner-devel-1.9.2.26-0.1mdvmes5.2.i586.rpm 9499da431f31df3d5cffea853890a2c1 mes5/i586/xulrunner-1.9.2.26-0.1mdvmes5.2.i586.rpm 4e207dea6fa5a75d924cd80dd467104c mes5/i586/yelp-2.24.0-3.36mdvmes5.2.i586.rpm 96362c4761b900fdd3c53655c4a54d85 mes5/SRPMS/firefox-3.6.26-0.1mdvmes5.2.src.rpm d112ac11b3ef021bbf566f4e2e945e22 mes5/SRPMS/firefox-l10n-3.6.26-0.1mdvmes5.2.src.rpm b21122f95b62ef8c12aae0b0a8024626 mes5/SRPMS/gnome-python-extras-2.19.1-20.35mdvmes5.2.src.rpm 95f656b0b49d8607083a422ce0aa57c1 mes5/SRPMS/xulrunner-1.9.2.26-0.1mdvmes5.2.src.rpm abf638ea1a81c397fdc8cfc88a8be618 mes5/SRPMS/yelp-2.24.0-3.36mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 2d7356c4c7fde95de558e1439b408f54 mes5/x86_64/firefox-3.6.26-0.1mdvmes5.2.x86_64.rpm f4ae86105896aab39ce80792cfcafb6d mes5/x86_64/firefox-af-3.6.26-0.1mdvmes5.2.x86_64.rpm 91eb03341033ceb6fbfba2325243c56e mes5/x86_64/firefox-ar-3.6.26-0.1mdvmes5.2.x86_64.rpm 2544785edf181ad483eda419a0572ad0 mes5/x86_64/firefox-be-3.6.26-0.1mdvmes5.2.x86_64.rpm 3b6b70cb756340c455dcde78a92c55aa mes5/x86_64/firefox-bg-3.6.26-0.1mdvmes5.2.x86_64.rpm 3bb43a7a6407a0922fadb5c34f04e0e5 mes5/x86_64/firefox-bn-3.6.26-0.1mdvmes5.2.x86_64.rpm ccc4fc105c55aea4b1eaca86ef589599 mes5/x86_64/firefox-ca-3.6.26-0.1mdvmes5.2.x86_64.rpm 105a6c10f6031402c905674d87257d23 mes5/x86_64/firefox-cs-3.6.26-0.1mdvmes5.2.x86_64.rpm e377a2ea1ab141c1bab7911ccaeae18a mes5/x86_64/firefox-cy-3.6.26-0.1mdvmes5.2.x86_64.rpm 3fd59e0071f2cf9956e8882a2079d7de mes5/x86_64/firefox-da-3.6.26-0.1mdvmes5.2.x86_64.rpm 7881f1b64fdec0d0a71fa9c5b5ff1ec7 mes5/x86_64/firefox-de-3.6.26-0.1mdvmes5.2.x86_64.rpm f40d2523bf710343e94c881f37bcabae mes5/x86_64/firefox-devel-3.6.26-0.1mdvmes5.2.x86_64.rpm 0eff9421c624b260ed1572beb6ffee47 mes5/x86_64/firefox-el-3.6.26-0.1mdvmes5.2.x86_64.rpm bcfda0136bfcd158871690c53dddb5b9 mes5/x86_64/firefox-en_GB-3.6.26-0.1mdvmes5.2.x86_64.rpm d347f3675807d7233ba48b3cbaf77914 mes5/x86_64/firefox-eo-3.6.26-0.1mdvmes5.2.x86_64.rpm 102e892eb165940ed5b8549a0d66db80 mes5/x86_64/firefox-es_AR-3.6.26-0.1mdvmes5.2.x86_64.rpm d818669effada440ef862e506922c0b6 mes5/x86_64/firefox-es_ES-3.6.26-0.1mdvmes5.2.x86_64.rpm c21f4037b3b4c0c9235497fa51603d13 mes5/x86_64/firefox-et-3.6.26-0.1mdvmes5.2.x86_64.rpm 60ffe0598c940827c76c41a0cf9b3f4b mes5/x86_64/firefox-eu-3.6.26-0.1mdvmes5.2.x86_64.rpm eca1c788ab76dafe22a4fbdb51ab61ae mes5/x86_64/firefox-fi-3.6.26-0.1mdvmes5.2.x86_64.rpm 6e1d866d3b676d3ee1d95a9f04871890 mes5/x86_64/firefox-fr-3.6.26-0.1mdvmes5.2.x86_64.rpm abba95a8b276c71a1e011e6b0ac15244 mes5/x86_64/firefox-fy-3.6.26-0.1mdvmes5.2.x86_64.rpm 3ab14c26c713a8272f82d1143e816724 mes5/x86_64/firefox-ga_IE-3.6.26-0.1mdvmes5.2.x86_64.rpm 940a9b07bf10bc9701c7fde13665e5f6 mes5/x86_64/firefox-gl-3.6.26-0.1mdvmes5.2.x86_64.rpm 802cdeac25b602dbe2868fd21a8a4653 mes5/x86_64/firefox-gu_IN-3.6.26-0.1mdvmes5.2.x86_64.rpm 540470fe5fc7b85ce7669761ad24165e mes5/x86_64/firefox-he-3.6.26-0.1mdvmes5.2.x86_64.rpm e42d14cbe65edbecfe93ce5eca102f14 mes5/x86_64/firefox-hi-3.6.26-0.1mdvmes5.2.x86_64.rpm b32132241484275fca2301b122735263 mes5/x86_64/firefox-hu-3.6.26-0.1mdvmes5.2.x86_64.rpm 1139222d84d733e78c6da7658fa45cc4 mes5/x86_64/firefox-id-3.6.26-0.1mdvmes5.2.x86_64.rpm e9be86fa21f3b1074edd71842708b516 mes5/x86_64/firefox-is-3.6.26-0.1mdvmes5.2.x86_64.rpm e8533cc7ab7822a072362ff76b99992c mes5/x86_64/firefox-it-3.6.26-0.1mdvmes5.2.x86_64.rpm 8438d5c723f5f6f1163df65558369366 mes5/x86_64/firefox-ja-3.6.26-0.1mdvmes5.2.x86_64.rpm 137eb296168593206afdc82ee779e917 mes5/x86_64/firefox-ka-3.6.26-0.1mdvmes5.2.x86_64.rpm baa482214ebc3360f99dcd27e655c408 mes5/x86_64/firefox-kn-3.6.26-0.1mdvmes5.2.x86_64.rpm 951f8888312ef126e9c76ff55647671d mes5/x86_64/firefox-ko-3.6.26-0.1mdvmes5.2.x86_64.rpm f1862be4b32a880e8e1456973cc361da mes5/x86_64/firefox-ku-3.6.26-0.1mdvmes5.2.x86_64.rpm 7c80b205b23220b376fd52ff9cc77e14 mes5/x86_64/firefox-lt-3.6.26-0.1mdvmes5.2.x86_64.rpm d59c78e87200eaed5101fa5bb42443a2 mes5/x86_64/firefox-lv-3.6.26-0.1mdvmes5.2.x86_64.rpm 7c0d8897c5bed020d26369c2a251bc8b mes5/x86_64/firefox-mk-3.6.26-0.1mdvmes5.2.x86_64.rpm d3dbddb3360d64092a85248e397349c7 mes5/x86_64/firefox-mr-3.6.26-0.1mdvmes5.2.x86_64.rpm 012129ff234adf459063e1b123856d75 mes5/x86_64/firefox-nb_NO-3.6.26-0.1mdvmes5.2.x86_64.rpm b81ba0ce8c85f25b584ce00ed27c3fce mes5/x86_64/firefox-nl-3.6.26-0.1mdvmes5.2.x86_64.rpm 67b63bb05f282b94e86e756561542753 mes5/x86_64/firefox-nn_NO-3.6.26-0.1mdvmes5.2.x86_64.rpm 359a027ad91b2b9c81985eb13a8aff3d mes5/x86_64/firefox-oc-3.6.26-0.1mdvmes5.2.x86_64.rpm 2fb833cb429d2fe0013bdfb1e3d4af55 mes5/x86_64/firefox-pa_IN-3.6.26-0.1mdvmes5.2.x86_64.rpm 79352089d6cedcb1dd4636cc09767299 mes5/x86_64/firefox-pl-3.6.26-0.1mdvmes5.2.x86_64.rpm 8f31b46b844a9c69d496714b28975f98 mes5/x86_64/firefox-pt_BR-3.6.26-0.1mdvmes5.2.x86_64.rpm 6fbc1240ee152f2841ab114a54ad0b81 mes5/x86_64/firefox-pt_PT-3.6.26-0.1mdvmes5.2.x86_64.rpm fa3ef3e955d001a4a23d19e40ae191f9 mes5/x86_64/firefox-ro-3.6.26-0.1mdvmes5.2.x86_64.rpm f96c1be08cd5ba41fd19a29141045cd7 mes5/x86_64/firefox-ru-3.6.26-0.1mdvmes5.2.x86_64.rpm fcb7431072020f07a58352f1d0b7636d mes5/x86_64/firefox-si-3.6.26-0.1mdvmes5.2.x86_64.rpm ee56255bdbe84673cd5320d71d1185da mes5/x86_64/firefox-sk-3.6.26-0.1mdvmes5.2.x86_64.rpm 139a0ef48753a68d63ec09a40c44050c mes5/x86_64/firefox-sl-3.6.26-0.1mdvmes5.2.x86_64.rpm 0182294c9021b477822e478a4fb09522 mes5/x86_64/firefox-sq-3.6.26-0.1mdvmes5.2.x86_64.rpm c758410a017db62629ea020190757e2d mes5/x86_64/firefox-sr-3.6.26-0.1mdvmes5.2.x86_64.rpm 572938cbca5d4eda94f214e6461af03c mes5/x86_64/firefox-sv_SE-3.6.26-0.1mdvmes5.2.x86_64.rpm 2e0245d5cf39fc5b3ed926b10fe3a1e4 mes5/x86_64/firefox-te-3.6.26-0.1mdvmes5.2.x86_64.rpm d7b12b97b6fd3e811f90ed5e7db7408f mes5/x86_64/firefox-th-3.6.26-0.1mdvmes5.2.x86_64.rpm 50c1c63d8aea1517d06a0441efb9a5dd mes5/x86_64/firefox-tr-3.6.26-0.1mdvmes5.2.x86_64.rpm 94e79fdedaa2fb072aee9da4bc3057b5 mes5/x86_64/firefox-uk-3.6.26-0.1mdvmes5.2.x86_64.rpm 88aaa3f727be9b7ba27f165f65044a30 mes5/x86_64/firefox-zh_CN-3.6.26-0.1mdvmes5.2.x86_64.rpm a4d0331ab245d6a5373d8fbbfeea451a mes5/x86_64/firefox-zh_TW-3.6.26-0.1mdvmes5.2.x86_64.rpm fe02b1751d8f3199f6eaa0bb5ac5ac6f mes5/x86_64/gnome-python-extras-2.19.1-20.35mdvmes5.2.x86_64.rpm 190db3eaaea3b2542e13c8974d195e8c mes5/x86_64/gnome-python-gda-2.19.1-20.35mdvmes5.2.x86_64.rpm 854968d1d6ee34f619b420c1610ff1a5 mes5/x86_64/gnome-python-gda-devel-2.19.1-20.35mdvmes5.2.x86_64.rpm be0a6b87338468d0d0783e7f4f9eb103 mes5/x86_64/gnome-python-gdl-2.19.1-20.35mdvmes5.2.x86_64.rpm b05f7e2adc181b50b78daaef3901a906 mes5/x86_64/gnome-python-gtkhtml2-2.19.1-20.35mdvmes5.2.x86_64.rpm 0e9739df363a4459957f00201b09e357 mes5/x86_64/gnome-python-gtkmozembed-2.19.1-20.35mdvmes5.2.x86_64.rpm 21c972101a2b62bd636142c1782bf0d4 mes5/x86_64/gnome-python-gtkspell-2.19.1-20.35mdvmes5.2.x86_64.rpm 6634f0ccc5970b70b370b2fcfe22aa62 mes5/x86_64/lib64xulrunner1.9.2.26-1.9.2.26-0.1mdvmes5.2.x86_64.rpm a0ac7fec2684fe6ecd8c57b69a681f59 mes5/x86_64/lib64xulrunner-devel-1.9.2.26-0.1mdvmes5.2.x86_64.rpm 06560b7fa4f0476d7f209a6fec397705 mes5/x86_64/xulrunner-1.9.2.26-0.1mdvmes5.2.x86_64.rpm 7fb8896e9b29f33434170b2f8615129e mes5/x86_64/yelp-2.24.0-3.36mdvmes5.2.x86_64.rpm 96362c4761b900fdd3c53655c4a54d85 mes5/SRPMS/firefox-3.6.26-0.1mdvmes5.2.src.rpm d112ac11b3ef021bbf566f4e2e945e22 mes5/SRPMS/firefox-l10n-3.6.26-0.1mdvmes5.2.src.rpm b21122f95b62ef8c12aae0b0a8024626 mes5/SRPMS/gnome-python-extras-2.19.1-20.35mdvmes5.2.src.rpm 95f656b0b49d8607083a422ce0aa57c1 mes5/SRPMS/xulrunner-1.9.2.26-0.1mdvmes5.2.src.rpm abf638ea1a81c397fdc8cfc88a8be618 mes5/SRPMS/yelp-2.24.0-3.36mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPK+IQmqjQ0CJFipgRApKtAKDa6tIUoGVVVcrB5jnnhiSXPJxMPQCg1mZ8 KwltSnl2JyHXRhMm9T+S8Tg= =wJlQ -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. Background ========== Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages Description =========== Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact. Workaround ========== There is no known workaround at this time. Resolution ========== All Mozilla Firefox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" All users of the Mozilla Firefox binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= All Mozilla Thunderbird users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" All users of the Mozilla Thunderbird binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" All Mozilla SeaMonkey users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1" All users of the Mozilla SeaMonkey binary package should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14" All NSS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14" The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11" The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package: # emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"= The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11" The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package: # emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11" Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: # emerge --unmerge "www-client/icecat" Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner" Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: # emerge --unmerge "net-libs/xulrunner-bin" References ========== [ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201301-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-1355-3 February 03, 2012 ubufox and webfav update ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: This update provides compatible ubufox and webfav packages for the latest Firefox. Software Description: - ubufox: Ubuntu Firefox specific configuration defaults and apt support - webfav: Firefox extension for saving web favorites (bookmarks) Details: USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. (CVE-2012-0450) Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. (CVE-2012-0449) It was discovered that memory corruption could occur during the decoding of Ogg Vorbis files. (CVE-2012-0444) Tim Abraldes discovered that when encoding certain images types the resulting data was always a fixed size. There is the possibility of sensitive data from uninitialized memory being appended to these images. (CVE-2012-0447) It was discovered that Firefox did not properly perform XPConnect security checks. An attacker could exploit this to conduct cross-site scripting (XSS) attacks through web pages and Firefox extensions. (CVE-2012-0446) It was discovered that Firefox did not properly handle node removal in the DOM. (CVE-2011-3659) Alex Dvorov discovered that Firefox did not properly handle sub-frames in form submissions. (CVE-2012-0445) Ben Hawkes, Christian Holler, Honza Bombas, Jason Orendorff, Jesse Ruderman, Jan Odvarko, Peter Van Der Beken, Bob Clary, and Bill McCloskey discovered memory safety issues affecting Firefox. (CVE-2012-0442, CVE-2012-0443) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: xul-ext-ubufox 0.9.3-0ubuntu0.10.10.3 xul-ext-webfav 1.17-0ubuntu4.1 Ubuntu 10.04 LTS: xul-ext-ubufox 0.9.3-0ubuntu0.10.04.3 xul-ext-webfav 1.17-0ubuntu3.1 After a standard system update you need to restart Firefox to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1355-3 http://www.ubuntu.com/usn/usn-1355-1 https://launchpad.net/bugs/923319 Package Information: https://launchpad.net/ubuntu/+source/ubufox/0.9.3-0ubuntu0.10.10.3 https://launchpad.net/ubuntu/+source/webfav/1.17-0ubuntu4.1 https://launchpad.net/ubuntu/+source/ubufox/0.9.3-0ubuntu0.10.04.3 https://launchpad.net/ubuntu/+source/webfav/1.17-0ubuntu3.1

Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4511. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability CVE-2011-4511 Is a different vulnerability.By any third party Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-4510. plural Siemens Product HMI Web The server contains a cross-site scripting vulnerability. This vulnerability is CVE-2011-4510 This is a different vulnerability.By any third party, Web Script or HTML May be inserted. Siemens SIMATIC is an automation software in a single engineering environment. The SIMATIC HMI Smart Options web server has two separate cross-site scripting attacks that allow elevation of privilege, stealing data or corrupting services. SIMATIC HMI is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory. The Debian openssh-server package is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to gain access to sensitive information; this may lead to further attacks. Debian openssh-server 1:5.5p1-6+squeeze1 is affected; other versions may also be vulnerable. The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections (CVE-2010-5107). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: d4dc59e94c2f0f4ca4ed3d29c05afd9d mes5/i586/openssh-5.1p1-2.3mdvmes5.2.i586.rpm 6bb053a5d82451594d433c0059c5f7a7 mes5/i586/openssh-askpass-5.1p1-2.3mdvmes5.2.i586.rpm cc26585ed65704d2fa6c0bcb102953c7 mes5/i586/openssh-askpass-common-5.1p1-2.3mdvmes5.2.i586.rpm 06ded6e5614c7a188a676550934e98bb mes5/i586/openssh-askpass-gnome-5.1p1-2.3mdvmes5.2.i586.rpm 860932e1a599ec68a150879b9c9abe52 mes5/i586/openssh-clients-5.1p1-2.3mdvmes5.2.i586.rpm fe26afea6473e680a45979a904bb7e3d mes5/i586/openssh-server-5.1p1-2.3mdvmes5.2.i586.rpm baa4beb7bfb76b7706166e7870ddd210 mes5/SRPMS/openssh-5.1p1-2.3mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 1c43725b46c279b7295c16e0fb9f43bf mes5/x86_64/openssh-5.1p1-2.3mdvmes5.2.x86_64.rpm d0231e13471148dfed86f75c4f99a2d0 mes5/x86_64/openssh-askpass-5.1p1-2.3mdvmes5.2.x86_64.rpm 2c06080b369ab13a9c95df47336aeb13 mes5/x86_64/openssh-askpass-common-5.1p1-2.3mdvmes5.2.x86_64.rpm 9fc99fb86e43c00139329787c7b3829d mes5/x86_64/openssh-askpass-gnome-5.1p1-2.3mdvmes5.2.x86_64.rpm 63621dfc8b9c4bf731711af418ea5c5f mes5/x86_64/openssh-clients-5.1p1-2.3mdvmes5.2.x86_64.rpm ea5653a3e6d790ce02f11fbcd722801d mes5/x86_64/openssh-server-5.1p1-2.3mdvmes5.2.x86_64.rpm baa4beb7bfb76b7706166e7870ddd210 mes5/SRPMS/openssh-5.1p1-2.3mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFRQFi+mqjQ0CJFipgRAuIuAJ9D6e15JXI7YDeAIZqQalKdXEmEWwCgjBoe quBwSmmMLE/orEkpMzGwKbQ= =PJAx -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-016: EMC VPLEX Multiple Vulnerabilities EMC Identifier: ESA-2014-016 CVE Identifier: See below for individual CVEs Severity Rating: CVSS v2 Base Score: See below for individual CVSS scores Affected products: All versions from VPLEX GeoSynchrony 4.0 through VPLEX GeoSynchrony 5.2.1 are affected Summary: EMC VPLEX GeoSynchrony 5.3 contains fixes for multiple vulnerabilities that could potentially be exploited by malicious users. Details: \x95Multiple Vulnerabilities affecting the VPLEX Web GUI. Please refer to the NVD website (http://web.nvd.nist.gov/) for more details on the below CVEs Path Traversal vulnerability in VPLEX GUI \x96 CVE-2014-0632 CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C) VPLEX GUI Session Timeout validity vulnerability \x96 CVE-2014-0633 CVSS v2 Base Score: 7.7 (AV:A/AC:L/Au:S/C:C/I:C/A:C) Missing HttpOnly attribute vulnerability \x96 CVE-2014-0634 CVSS v2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P) Session Fixation vulnerability \x96 CVE-2014-0635 CVSS v2 Base Score: 7.5 (AV:N/AC:M/Au:S/C:C/I:P/A:P) BEAST Attack \x96 CVE-2011-3389 CVSS v2 Base Score: See NVD advisory for the CVSS score. \x95Multiple Embedded Component Vulnerabilities Multiple vulnerabilities in the following embedded components of the SLES Operating System have been fixed: Kernel: CVE-2011-1044, CVE-2011-4110, CVE-2012-2136 perl: CVE-2002-2443 krb5: CVE-2013-1667 bind packages: CVE-2012-5166 CVSS v2 Base Score: See NVD advisory for the individual CVSS scores. Remote Information Disclosure vulnerability in OpenSSH - CVE-2012-0814 CVSS v2 Base Score: See NVD advisory for the CVSS score. Multiple vulnerabilities in Oracle Java and Apache Tomcat: This release also contains critical security updates for Oracle Java and Apache Tomcat. Oracle Java has been upgraded to 1.6.0_45 and Apache tomcat has been upgraded to 6.0.36. Please refer the following links for more information: Java: http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html Tomcat: https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36 CVSS v2 Base Score: See vendor advisory for the individual CVSS scores. Resolution: EMC recommends all customers to upgrade to VPLEX GeoSynchrony version 5.3 at their earliest opportunity. Link to remedies: Customers can download the software from Support Zone. Read and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867. For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability. EMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (Cygwin) iEYEARECAAYFAlMy6mgACgkQtjd2rKp+ALwqbACgmMupmaxQ1GTwg1a1onHdgo4Q BxYAn1iAOq12nZ2WudlyECe9hrNp/DEc =7q/t -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201405-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: OpenSSH: Multiple vulnerabilities Date: May 11, 2014 Bugs: #231292, #247466, #386307, #410869, #419357, #456006, #505066 ID: 201405-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in OpenSSH, the worst of which may allow remote attackers to execute arbitrary code. Background ========== OpenSSH is a complete SSH protocol implementation that includes an SFTP client and server support. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/openssh < 6.6_p1-r1 >= 6.6_p1-r1 Description =========== Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or bypass environment restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSH users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openssh-6.6_p1-r1" NOTE: One or more of the issues described in this advisory have been fixed in previous updates. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them. References ========== [ 1 ] CVE-2008-5161 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5161 [ 2 ] CVE-2010-4478 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4478 [ 3 ] CVE-2010-4755 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4755 [ 4 ] CVE-2010-5107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5107 [ 5 ] CVE-2011-5000 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5000 [ 6 ] CVE-2012-0814 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0814 [ 7 ] CVE-2014-2532 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2532 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201405-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

The Voxofon (com.voxofon) application before 2.5.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS information via a crafted application. Voxofon is a VoIP program. Voxofon has security vulnerabilities that allow malicious applications to access and modify sensitive information, including SMS content, timestamps, contact phone numbers, delivery status, and more. Voxofon is prone to a remote unauthorized access vulnerability. An attacker can exploit this issue to read or modify SMS related content. This may aid in further attacks. Voxofon 2.4.3 is affected; other versions may also be vulnerable. ---------------------------------------------------------------------- SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 ---------------------------------------------------------------------- TITLE: Voxofon - International Calls for Android Security Bypass Security Issue SECUNIA ADVISORY ID: SA47768 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47768/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47768 RELEASE DATE: 2012-02-06 DISCUSS ADVISORY: http://secunia.com/advisories/47768/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47768/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47768 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AppSec has reported a security issue in Voxofon - International Calls for Android, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error and can be exploited to disclose certain sensitive information like e.g. Successful exploitation requires that a malicious application is installed. The security issue is reported in version 2.4.3. SOLUTION: Reportedly fixed in version 2.5.2. PROVIDED AND/OR DISCOVERED BY: Daoyuan Wu, Xiapu Luo, and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University ORIGINAL ADVISORY: http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4704-vulnerability-in-Voxofon.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Limit My Call (com.limited.call.view) application 2.11 for Android does not properly protect data, which allows remote attackers to read or modify call logs and a contact list via a crafted application. Nathaniel Kh Limit My Call is a web phone. Nathaniel Kh Limit My Call has a security vulnerability that allows malicious applications to access and modify user contacts and corresponding call records. Limit My Call is prone to a remote unauthorized access vulnerability. An attacker can exploit this issue to access and manipulate userâ??s contacts and calling logs. Limit My Call 2.11 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Limit My Call for Android Security Bypass Vulnerability SECUNIA ADVISORY ID: SA48420 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48420/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48420 RELEASE DATE: 2012-03-16 DISCUSS ADVISORY: http://secunia.com/advisories/48420/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48420/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48420 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AppSec has reported a vulnerability in Limit My Call for Android, which can be exploited by malicious people to bypass certain security restrictions. Successful exploitation requires that a malicious application is installed. The vulnerability is reported in version 2.11. SOLUTION: Update to version 2.12. PROVIDED AND/OR DISCOVERED BY: Daoyuan Wu, Xiapu Luo, and Rocky K. C. Chang. ORIGINAL ADVISORY: AppSec: http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4703-vulnerability-in-LimitMyCall.html Limit My Call: http://nathanielkh.wordpress.com/android-app/limit-my-call/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2.1.320 for Android does not properly protect data, which allows remote attackers to read or modify messaging information via a crafted application. MiTalk is prone to a remote unauthorized access vulnerability. An attacker can exploit this issue to gain access to contacts, certain SMS data, buddy information, and to manipulate data. MiTalk 1.0, 2.1.280, and 2.1.310 are affected; other versions may also be vulnerable. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MiTalk Messenger for Android Security Bypass Security Issue SECUNIA ADVISORY ID: SA47767 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47767/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47767 RELEASE DATE: 2012-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/47767/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47767/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47767 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AppSec has reported a security issue in MiTalk Messenger for Android, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error and can be exploited to disclose certain sensitive information like e.g. Successful exploitation requires that a malicious application is installed. The security issue is reported in versions 2.1.280 and 2.1.310. SOLUTION: Reportedly fixed in the version released on 5th December 2011. PROVIDED AND/OR DISCOVERED BY: Daoyuan Wu, Xiapu Luo, and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University ORIGINAL ADVISORY: http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4697-vulnerability-in-MiTalk.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The 360 KouXin (com.qihoo360.kouxin) application 1.5.3 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. 360 KouXin is prone to a remote unauthorized access vulnerability. An attacker can exploit this issue to access and manipulate userâ??s sensitive contacts and SMS messages. 360 KouXin 1.5.3 is affected; other versions may also be vulnerable. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). A vulnerability exists in version 1.5.3 of the 360 ​​KouXin (com.qihoo360.kouxin) app for Android due to improperly securing data

The 360 MobileSafe (com.qihoo360.mobilesafe) application 2.x before 2.3.0 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. 360 MobileSafe is prone to a remote unauthorized access vulnerability. An attacker can exploit this issue to access and manipulate a user's blacklist, SMS, contacts, and call logs. 360 MobileSafe 2.1.0 and 2.2.0 are affected; other versions may also be vulnerable. Google Chrome is a web browser developed by Google (Google). Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). A vulnerability exists in the 360 ​​MobileSafe (com.qihoo360.mobilesafe) app version 2.1.0 and 2.2.0 for Android due to failure to properly secure data. ---------------------------------------------------------------------- Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm ---------------------------------------------------------------------- TITLE: 360 MobileSafe for Android Security Bypass Security Issue SECUNIA ADVISORY ID: SA47838 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47838/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47838 RELEASE DATE: 2012-02-09 DISCUSS ADVISORY: http://secunia.com/advisories/47838/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47838/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47838 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AppSec has reported a security issue in 360 MobileSafe for Android, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error and can be exploited to disclose and manipulate certain sensitive information like e.g. Successful exploitation requires that a malicious application is installed. The security issue is reported in versions 2.1.0 and 2.2.0. SOLUTION: Reportedly fixed in version 2.3.0. PROVIDED AND/OR DISCOVERED BY: Daoyuan Wu, Xiapu Luo, and Rocky K. C. Chang, Department of Computing, The Hong Kong Polytechnic University ORIGINAL ADVISORY: http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4769-vulnerability-in-360MobileSafe.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html. Parallels H-Sphere offers multi-server host automation solutions for Linux, BSD and Windows platforms. A cross-site request forgery vulnerability exists in Parallels H-Sphere. Allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious actions in the target user context. H-Sphere includes its own controls panels, automated billing, and provisioning solution in a single integrated system. It is scalable to any number of boxes — more Web, mail, database, and Windows hosting servers can be added without downtime. Abstract: ========= A Vulnerability Laboratory researcher discovered multiple persistant cross site scripting vulnerabilities on Parallels H-Sphere 3.3 Patch1. Report-Timeline: ================ 2012-01-22: Public or Non-Public Disclosure Status: ======== Published Exploitation-Technique: ======================= Remote Severity: ========= Medium Details: ======== Multiple persistant cross site scripting vulnerabilities where detected on Parallels H-Sphere 3.3 Patch1. These vulnerabilities allow an remote attacker to hijack customer sessions via persistent cross site scripting. Successful exploitation can result in account steal, client side exploitation or phishing & session hijacking. These bugs are located on the admin panel of Parallels H-Sphere 3.3 Patch1. Vulnerbale Module(s): [+] Group Module [+] Extra Package Module Picture(s): ../1.png ../2.png Proof of Concept: ================= The vulnerability can be exploited by remote attackers with high account privileges(mod/admin) & required user inter action. For demonstration or reproduce ... [Poc 1] Open Link: http://demo.psoft.net/psoft/servlet/psoft.hsphere.CP/admin/1_0/psoft.hsphere.CP?template_name=admin/group_plans.html choose admin post xss on Group Name: <IFRAME SRC="javascript:alert('XSS');"></IFRAME> press add group. Result XSS! [Poc 2] Open link: http://demo.psoft.net/psoft/servlet/psoft.hsphere.CP/admin/1_0/psoft.hsphere.CP?template_name=admin/extra_packs/create_extra_pack.html Extra Pack Name put xss code: <IFRAME SRC="javascript:alert('XSS');"></IFRAME> Extra Package Prices set fee 1 recurrent fee 1 just click submit you will see result. Risk: ===== The security risk of the persistant cross site scripting vulnerabilities are estimated as medium(-). Credits: ======== Vulnerability Research Laboratory - Ucha Gobejishvili (longrifle0x) Disclaimer: =========== The information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability- Lab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab or its suppliers. Copyright © 2012|Vulnerability-Lab -- Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com Contact: admin@vulnerability-lab.com or support@vulnerability-lab.com . ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Parallels H-Sphere Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA47556 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47556 RELEASE DATE: 2012-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/47556/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47556/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47556 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vulnerability Lab has reported a vulnerability in Parallels H-Sphere, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add extra packages and group plans and conduct script insertion attacks by tricking a logged in user into visiting a malicious web site. The vulnerability is reported in version 3.3 Patch 1. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=392 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Buffer overflow in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to execute arbitrary code via long strings in unspecified parameters. Koyo ECOM100 Ethernet is an Ethernet module. This module is used for communication between the PLC and the control system. There are several security vulnerabilities in Koyo ECOM100 Ethernet, including: (1) Using an 8-byte password weak authentication mechanism. (2) There is a replay attack. (3) The WEB server does not have any verification mechanism. (4) There is a buffer overflow in the WEB server. (5) There is a cross-site scripting attack on the WEB server. (6) The WEB server has a denial of service attack, which can consume a lot of resources. A buffer-overflow vulnerability. 2. A denial-of-service vulnerability. 3. Multiple security-bypass vulnerabilities. 4. A cross site-scripting vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, cause denial-of-service conditions, bypass some security restrictions, allow an attacker to steal cookie-based information, or execute script code in the context of the browser of an unsuspecting user; other attacks may also be possible. ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Koyo ECOM100 Ethernet Module Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Koyo ECOM100 Ethernet Module, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. SOLUTION: Filter malicious characters and character sequences in a proxy. Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman via Digital Bond\x92s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-05.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 and 5.2 on MDS 9000 series switches allows remote attackers to cause a denial of service (module reload) via a crafted FCIP header, aka Bug ID CSCtn93151. The problem is Bug ID CSCtn93151 It is a problem.Skillfully crafted by a third party FCIP Service disruption via header ( Module reload ) There is a possibility of being put into a state. Cisco MDS NX-OS is used for operational systems on this switch. Cisco MDS NX-OS is prone to a remote denial-of-service vulnerability. Successful exploits may allow an attacker to cause the device to reload, resulting in a denial-of-service condition. This issue being tracked by Cisco bug ID CSCtn93151

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 does not require authentication, which allows remote attackers to perform unspecified functions via unknown vectors. Koyo ECOM100 Ethernet is an Ethernet module. This module is used for communication between the PLC and the control system. There are several security vulnerabilities in Koyo ECOM100 Ethernet, including: (1) Using an 8-byte password weak authentication mechanism. (2) There is a replay attack. (3) The WEB server does not have any verification mechanism. (4) There is a buffer overflow in the WEB server. (5) There is a cross-site scripting attack on the WEB server. (6) The WEB server has a denial of service attack, which can consume a lot of resources. A buffer-overflow vulnerability. 2. A denial-of-service vulnerability. 3. Multiple security-bypass vulnerabilities. 4. A cross site-scripting vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, cause denial-of-service conditions, bypass some security restrictions, allow an attacker to steal cookie-based information, or execute script code in the context of the browser of an unsuspecting user; other attacks may also be possible. ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Koyo ECOM100 Ethernet Module Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Koyo ECOM100 Ethernet Module, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. SOLUTION: Filter malicious characters and character sequences in a proxy. Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman via Digital Bond\x92s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-05.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------