Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Published

2011-09-06T19:55:03.197

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-326

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	google	chrome	-	Yes
Application	microsoft	internet_explorer	-	Yes
Application	mozilla	firefox	-	Yes
Application	opera	opera_browser	-	Yes
Operating System	microsoft	windows	-	Yes
Operating System	siemens	simatic_rf68xr_firmware	< 3.2.1	Yes
Hardware	siemens	simatic_rf68xr	-	No
Operating System	siemens	simatic_rf615r_firmware	< 3.2.1	Yes
Hardware	siemens	simatic_rf615r	-	No
Application	haxx	curl	≤ 7.23.1	Yes
Operating System	redhat	enterprise_linux_desktop	5.0	Yes
Operating System	redhat	enterprise_linux_desktop	6.0	Yes
Operating System	redhat	enterprise_linux_eus	6.2	Yes
Operating System	redhat	enterprise_linux_server	5.0	Yes
Operating System	redhat	enterprise_linux_server	6.0	Yes
Operating System	redhat	enterprise_linux_server_aus	6.2	Yes
Operating System	redhat	enterprise_linux_workstation	5.0	Yes
Operating System	redhat	enterprise_linux_workstation	6.0	Yes
Operating System	debian	debian_linux	5.0	Yes
Operating System	debian	debian_linux	6.0	Yes
Operating System	canonical	ubuntu_linux	10.04	Yes
Operating System	canonical	ubuntu_linux	10.10	Yes
Operating System	canonical	ubuntu_linux	11.04	Yes
Operating System	canonical	ubuntu_linux	11.10	Yes

References

http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ Third Party Advisory ([email protected])
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx Third Party Advisory ([email protected])
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx Third Party Advisory ([email protected])
http://curl.haxx.se/docs/adv_20120124B.html Third Party Advisory ([email protected])
http://downloads.asterisk.org/pub/security/AST-2016-001.html Third Party Advisory ([email protected])
http://ekoparty.org/2011/juliano-rizzo.php Broken Link ([email protected])
http://eprint.iacr.org/2004/111 Third Party Advisory ([email protected])
http://eprint.iacr.org/2006/136 Third Party Advisory ([email protected])
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html Not Applicable, Vendor Advisory ([email protected])
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 Third Party Advisory ([email protected])
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html Broken Link ([email protected])
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html Broken Link ([email protected])
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html Broken Link, Mailing List ([email protected])
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html Broken Link, Mailing List ([email protected])
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html Broken Link, Mailing List ([email protected])
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html Broken Link, Mailing List ([email protected])
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html Broken Link, Mailing List ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html Broken Link ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html Broken Link ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html Broken Link ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html Broken Link ([email protected])
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=132872385320240&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=132872385320240&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=133365109612558&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=133365109612558&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=133728004526190&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=133728004526190&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=134254866602253&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Issue Tracking, Mailing List, Third Party Advisory ([email protected])
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue Third Party Advisory ([email protected])
http://osvdb.org/74829 Broken Link ([email protected])
http://rhn.redhat.com/errata/RHSA-2012-0508.html Third Party Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2013-1455.html Broken Link ([email protected])
http://secunia.com/advisories/45791 Not Applicable ([email protected])
http://secunia.com/advisories/47998 Not Applicable ([email protected])
http://secunia.com/advisories/48256 Not Applicable ([email protected])
http://secunia.com/advisories/48692 Not Applicable ([email protected])
http://secunia.com/advisories/48915 Not Applicable ([email protected])
http://secunia.com/advisories/48948 Not Applicable ([email protected])
http://secunia.com/advisories/49198 Not Applicable ([email protected])
http://secunia.com/advisories/55322 Not Applicable ([email protected])
http://secunia.com/advisories/55350 Not Applicable ([email protected])
http://secunia.com/advisories/55351 Not Applicable ([email protected])
http://security.gentoo.org/glsa/glsa-201203-02.xml Third Party Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory ([email protected])
http://support.apple.com/kb/HT4999 Third Party Advisory ([email protected])
http://support.apple.com/kb/HT5001 Third Party Advisory ([email protected])
http://support.apple.com/kb/HT5130 Third Party Advisory ([email protected])
http://support.apple.com/kb/HT5281 Broken Link ([email protected])
http://support.apple.com/kb/HT5501 Third Party Advisory ([email protected])
http://support.apple.com/kb/HT6150 Third Party Advisory ([email protected])
http://technet.microsoft.com/security/advisory/2588513 Patch, Vendor Advisory ([email protected])
http://vnhacker.blogspot.com/2011/09/beast.html Third Party Advisory ([email protected])
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf Third Party Advisory ([email protected])
http://www.debian.org/security/2012/dsa-2398 Third Party Advisory ([email protected])
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html Broken Link ([email protected])
http://www.ibm.com/developerworks/java/jdk/alerts/ Third Party Advisory ([email protected])
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html Third Party Advisory ([email protected])
http://www.insecure.cl/Beast-SSL.rar Broken Link, Patch ([email protected])
http://www.kb.cert.org/vuls/id/864643 Third Party Advisory, US Government Resource ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 Broken Link ([email protected])
http://www.opera.com/docs/changelogs/mac/1151/ Third Party Advisory ([email protected])
http://www.opera.com/docs/changelogs/mac/1160/ Third Party Advisory ([email protected])
http://www.opera.com/docs/changelogs/unix/1151/ Third Party Advisory ([email protected])
http://www.opera.com/docs/changelogs/unix/1160/ Third Party Advisory ([email protected])
http://www.opera.com/docs/changelogs/windows/1151/ Third Party Advisory ([email protected])
http://www.opera.com/docs/changelogs/windows/1160/ Third Party Advisory ([email protected])
http://www.opera.com/support/kb/view/1004/ Third Party Advisory, Vendor Advisory ([email protected])
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory ([email protected])
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory ([email protected])
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2011-1384.html Third Party Advisory, Vendor Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2012-0006.html Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/49388 Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/49778 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1029190 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1025997 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1026103 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1026704 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.ubuntu.com/usn/USN-1263-1 Third Party Advisory ([email protected])
http://www.us-cert.gov/cas/techalerts/TA12-010A.html Third Party Advisory, US Government Resource ([email protected])
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail Third Party Advisory ([email protected])
https://bugzilla.novell.com/show_bug.cgi?id=719047 Issue Tracking, Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=737506 Issue Tracking, Third Party Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf Third Party Advisory ([email protected])
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 Patch, Vendor Advisory ([email protected])
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 Broken Link ([email protected])
https://hermes.opensuse.org/messages/13154861 Broken Link ([email protected])
https://hermes.opensuse.org/messages/13155432 Broken Link ([email protected])
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 Third Party Advisory, US Government Resource ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 Third Party Advisory ([email protected])
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://curl.haxx.se/docs/adv_20120124B.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://downloads.asterisk.org/pub/security/AST-2016-001.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://ekoparty.org/2011/juliano-rizzo.php Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://eprint.iacr.org/2004/111 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://eprint.iacr.org/2006/136 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html Not Applicable, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html Broken Link, Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html Broken Link, Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html Broken Link, Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html Broken Link, Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html Broken Link, Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=132872385320240&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=132872385320240&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=133365109612558&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=133365109612558&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=133728004526190&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=133728004526190&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=134254866602253&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Issue Tracking, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/74829 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2012-0508.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2013-1455.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/45791 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/47998 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48256 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48692 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48915 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48948 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/49198 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/55322 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/55350 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/55351 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201203-02.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT4999 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT5001 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT5130 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT5281 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT5501 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.apple.com/kb/HT6150 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://technet.microsoft.com/security/advisory/2588513 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://vnhacker.blogspot.com/2011/09/beast.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2012/dsa-2398 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/developerworks/java/jdk/alerts/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.insecure.cl/Beast-SSL.rar Broken Link, Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/864643 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/docs/changelogs/mac/1151/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/docs/changelogs/mac/1160/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/docs/changelogs/unix/1151/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/docs/changelogs/unix/1160/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/docs/changelogs/windows/1151/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/docs/changelogs/windows/1160/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.opera.com/support/kb/view/1004/ Third Party Advisory, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2011-1384.html Third Party Advisory, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2012-0006.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/49388 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/49778 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1029190 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1025997 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1026103 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1026704 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1263-1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA12-010A.html Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.novell.com/show_bug.cgi?id=719047 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=737506 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://hermes.opensuse.org/messages/13154861 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://hermes.opensuse.org/messages/13155432 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)