Wan-Teh Chang

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 25.0.1 Mozilla Firefox ESR 17.x versions prior to 17.0.11 Mozilla Firefox ESR 24.x versions prior to 24.1.1 SeaMonkey versions prior to 2.22.1 NSPR versions prior to 4.10.2 **Description** The issue is related to an integer overflow in the `PL ArenaAllocate` function, which can be triggered by a crafted X.509 certificate. This can cause a denial of service, resulting in an application crash, and may have other unspecified impacts. **Recommendations** For Mozilla Firefox versions prior to 25.0.1, update to version 25.0.1 or later. For Mozilla Firefox ESR 17.x versions prior to 17.0.11, update to version 17.0.11 or later. For Mozilla Firefox ESR 24.x versions prior to 24.1.1, update to version 24.1.1 or later. For SeaMonkey versions prior to 2.22.1, update to version 2.22.1 or later. For NSPR versions prior to 4.10.2, update to version 4.10.2 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 17 **Description** The issue is related to an untrusted search path vulnerability in Mozilla Network Security Services (NSS) as used in Google Chrome. This might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. The vendor has responded that they do not consider this behavior a security bug. **Recommendations** For versions prior to 17, consider restricting access to top-level directories to prevent the placement of malicious pkcs11.txt files until a resolution is determined. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mac OS X versions prior to 10.6.8 **Description** The issue concerns the Certificate Trust Policy component, which fails to perform CRL checking for Extended Validation (EV) certificates lacking OCSP URLs. This might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate. **Recommendations** For Mac OS X versions prior to 10.6.8, update to version 10.6.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of EV certificates that lack OCSP URLs to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X versions 10.6.3 through 10.6.4 **Description** The issue allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafted responses, due to CFNetwork supporting anonymous SSL and TLS connections. **Recommendations** For Apple Mac OS X versions 10.6.3 through 10.6.4, consider disabling anonymous SSL and TLS connections to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version **Description** A spoofing issue exists due to incomplete validation of the distinguished name in a digital certificate. This can be combined with other attacks, such as DNS spoofing, allowing an attacker to spoof a digital certificate of a website for applications using Windows HTTP Services. **Recommendations** For Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.