CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
googlechrome
-
microsoftinternet_explorer
-
mozillafirefox
-
operaopera_browser
-
microsoftwindows
-
siemenssimatic_rf68xr_firmware
𝑥
< 3.2.1
siemenssimatic_rf615r_firmware
𝑥
< 3.2.1
haxxcurl
7.10.6 ≤
𝑥
≤ 7.23.1
redhatenterprise_linux_desktop
5.0
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_eus
6.2
redhatenterprise_linux_server
5.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server_aus
6.2
redhatenterprise_linux_workstation
5.0
redhatenterprise_linux_workstation
6.0
debiandebian_linux
5.0
debiandebian_linux
6.0
canonicalubuntu_linux
10.04
canonicalubuntu_linux
10.10
canonicalubuntu_linux
11.04
canonicalubuntu_linux
11.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
asterisk
bullseye
1:16.28.0~dfsg-0+deb11u4
fixed
bullseye (security)
1:16.28.0~dfsg-0+deb11u5
fixed
lenny
no-dsa
sid
1:22.0.0~dfsg+~cs6.14.60671435-1
fixed
squeeze
no-dsa
wheezy
no-dsa
bouncycastle
bookworm
1.72-2
fixed
bullseye
1.68-2
fixed
lenny
no-dsa
sid
1.77-1
fixed
squeeze
no-dsa
trixie
1.77-1
fixed
wheezy
no-dsa
curl
bookworm
7.88.1-10+deb12u7
fixed
bookworm (security)
7.88.1-10+deb12u5
fixed
bullseye
7.74.0-1.3+deb11u13
fixed
bullseye (security)
7.74.0-1.3+deb11u11
fixed
lenny
no-dsa
sid
8.10.1-2
fixed
squeeze
no-dsa
trixie
8.10.1-2
fixed
wheezy
no-dsa
erlang
bookworm
1:25.2.3+dfsg-1
fixed
bullseye
1:23.2.6+dfsg-1+deb11u1
fixed
lenny
no-dsa
sid
1:25.3.2.12+dfsg-3
fixed
squeeze
no-dsa
trixie
1:25.3.2.12+dfsg-3
fixed
wheezy
no-dsa
gnutls28
bookworm
unimportant
bullseye
unimportant
bullseye (security)
unimportant
lenny
no-dsa
sid
unimportant
squeeze
no-dsa
trixie
unimportant
wheezy
no-dsa
haskell-tls
bookworm
unimportant
bullseye
unimportant
lenny
no-dsa
sid
unimportant
squeeze
no-dsa
trixie
unimportant
wheezy
no-dsa
lighttpd
bookworm
1.4.69-1
fixed
bullseye
1.4.59-1+deb11u2
fixed
bullseye (security)
1.4.59-1+deb11u2
fixed
lenny
no-dsa
sid
1.4.76-1
fixed
squeeze
no-dsa
trixie
1.4.76-1
fixed
wheezy
no-dsa
nss
bookworm
2:3.87.1-1
fixed
bullseye
2:3.61-1+deb11u3
fixed
bullseye (security)
2:3.61-1+deb11u4
fixed
lenny
no-dsa
sid
2:3.105-2
fixed
squeeze
no-dsa
trixie
2:3.105-2
fixed
wheezy
no-dsa
pound
bullseye
3.0-2
fixed
lenny
no-dsa
sid
4.14-2
fixed
squeeze
no-dsa
trixie
4.14-2
fixed
wheezy
no-dsa
python2.7
bullseye
2.7.18-8+deb11u1
fixed
lenny
no-dsa
squeeze
no-dsa
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnutls26
hardy
dne
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
icedtea-web
hardy
dne
lucid
not-affected
maverick
dne
natty
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
lighttpd
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
ignored
quantal
ignored
openjdk-6
hardy
Fixed 6b27-1.12.3-0ubuntu1~08.04.1
released
lucid
Fixed 6b20-1.9.10-0ubuntu1~10.04.2
released
maverick
Fixed 6b20-1.9.10-0ubuntu1~10.10.2
released
natty
Fixed 6b22-1.10.4-0ubuntu1~11.04.1
released
oneiric
Fixed 6b23~pre11-0ubuntu1.11.10
released
precise
not-affected
quantal
not-affected
openjdk-6b18
hardy
dne
lucid
Fixed 6b18-1.8.10-0ubuntu1~10.04.2
released
maverick
Fixed 6b18-1.8.10-0ubuntu1~10.10.2
released
natty
Fixed 6b18-1.8.10-0ubuntu1~11.04.1
released
oneiric
ignored
precise
dne
quantal
dne
openjdk-7
hardy
dne
lucid
dne
maverick
dne
natty
dne
oneiric
Fixed 7~b147-2.0-0ubuntu0.11.10.1
released
precise
Fixed 7~b147-2.0-1ubuntu1
released
quantal
Fixed 7~b147-2.0-1ubuntu1
released
openssl
hardy
not-affected
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
sun-java5
hardy
ignored
lucid
dne
maverick
dne
natty
dne
oneiric
dne
precise
dne
quantal
dne
sun-java6
hardy
ignored
lucid
dne
maverick
dne
natty
dne
oneiric
dne
precise
dne
quantal
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
fetchmail
suse enterprise desktop 15
6.3.26-3.27
fixed
suse enterprise desktop 15 SP1
6.3.26-3.27
fixed
suse enterprise desktop 15 SP2
6.3.26-3.27
fixed
suse enterprise sap 15
6.3.26-3.27
fixed
suse enterprise sap 15 SP1
6.3.26-3.27
fixed
suse enterprise sap 15 SP2
6.3.26-3.27
fixed
suse enterprise server 15
6.3.26-3.27
fixed
suse enterprise server 15 SP1
6.3.26-3.27
fixed
suse enterprise server 15 SP2
6.3.26-3.27
fixed
fetchmailconf
suse enterprise desktop 15
6.3.26-3.27
fixed
suse enterprise desktop 15 SP1
6.3.26-3.27
fixed
suse enterprise desktop 15 SP2
6.3.26-3.27
fixed
suse enterprise sap 15
6.3.26-3.27
fixed
suse enterprise sap 15 SP1
6.3.26-3.27
fixed
suse enterprise sap 15 SP2
6.3.26-3.27
fixed
suse enterprise server 15
6.3.26-3.27
fixed
suse enterprise server 15 SP1
6.3.26-3.27
fixed
suse enterprise server 15 SP2
6.3.26-3.27
fixed
libfreebl3
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
libfreebl3-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
libfreebl3-hmac
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
libpython2_7-1_0
suse enterprise desktop 15
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.1
fixed
suse enterprise sap 15
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.1
fixed
suse enterprise server 15
2.7.17-7.32.1
fixed
suse enterprise server 15 SP1
2.7.17-7.32.1
fixed
suse enterprise server 15 SP2
2.7.17-7.32.1
fixed
suse enterprise server 15 SP3
2.7.17-7.32.1
fixed
libpython3_6m1_0
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
libsoftokn3
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
libsoftokn3-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
libsoftokn3-hmac
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss-certs
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss-certs-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss-devel
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss-sysinit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
mozilla-nss-tools
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
python
suse enterprise desktop 15
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.2
fixed
suse enterprise sap 15
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.2
fixed
suse enterprise server 15
2.7.17-7.32.2
fixed
suse enterprise server 15 SP1
2.7.17-7.32.2
fixed
suse enterprise server 15 SP2
2.7.17-7.32.2
fixed
suse enterprise server 15 SP3
2.7.17-7.32.2
fixed
python-base
suse enterprise desktop 15
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.1
fixed
suse enterprise sap 15
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.1
fixed
suse enterprise server 15
2.7.17-7.32.1
fixed
suse enterprise server 15 SP1
2.7.17-7.32.1
fixed
suse enterprise server 15 SP2
2.7.17-7.32.1
fixed
suse enterprise server 15 SP3
2.7.17-7.32.1
fixed
python-curses
suse enterprise desktop 15
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.2
fixed
suse enterprise sap 15
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.2
fixed
suse enterprise server 15
2.7.17-7.32.2
fixed
suse enterprise server 15 SP1
2.7.17-7.32.2
fixed
suse enterprise server 15 SP2
2.7.17-7.32.2
fixed
suse enterprise server 15 SP3
2.7.17-7.32.2
fixed
python-devel
suse enterprise desktop 15
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.1
fixed
suse enterprise sap 15
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.1
fixed
suse enterprise server 15
2.7.17-7.32.1
fixed
suse enterprise server 15 SP1
2.7.17-7.32.1
fixed
suse enterprise server 15 SP2
2.7.17-7.32.1
fixed
suse enterprise server 15 SP3
2.7.17-7.32.1
fixed
python-gdbm
suse enterprise desktop 15
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.2
fixed
suse enterprise sap 15
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.2
fixed
suse enterprise server 15
2.7.17-7.32.2
fixed
suse enterprise server 15 SP1
2.7.17-7.32.2
fixed
suse enterprise server 15 SP2
2.7.17-7.32.2
fixed
suse enterprise server 15 SP3
2.7.17-7.32.2
fixed
python-tk
suse enterprise desktop 15
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.2
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.2
fixed
suse enterprise sap 15
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.2
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.2
fixed
suse enterprise server 15
2.7.17-7.32.2
fixed
suse enterprise server 15 SP1
2.7.17-7.32.2
fixed
suse enterprise server 15 SP2
2.7.17-7.32.2
fixed
python-xml
suse enterprise desktop 15
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP1
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP2
2.7.17-7.32.1
fixed
suse enterprise desktop 15 SP3
2.7.17-7.32.1
fixed
suse enterprise sap 15
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP1
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP2
2.7.17-7.32.1
fixed
suse enterprise sap 15 SP3
2.7.17-7.32.1
fixed
suse enterprise server 15
2.7.17-7.32.1
fixed
suse enterprise server 15 SP1
2.7.17-7.32.1
fixed
suse enterprise server 15 SP2
2.7.17-7.32.1
fixed
suse enterprise server 15 SP3
2.7.17-7.32.1
fixed
python3
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python3-base
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python3-curses
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python3-dbm
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python3-devel
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python3-idle
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python3-tk
suse enterprise desktop 15
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP1
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP2
3.6.10-3.42.2
fixed
suse enterprise desktop 15 SP3
3.6.10-3.42.2
fixed
suse enterprise sap 15
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP1
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP2
3.6.10-3.42.2
fixed
suse enterprise sap 15 SP3
3.6.10-3.42.2
fixed
suse enterprise server 15
3.6.10-3.42.2
fixed
suse enterprise server 15 SP1
3.6.10-3.42.2
fixed
suse enterprise server 15 SP2
3.6.10-3.42.2
fixed
suse enterprise server 15 SP3
3.6.10-3.42.2
fixed
python36
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-base
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-curses
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-dbm
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-devel
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-doc
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-testsuite
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-tk
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
python36-tools
suse enterprise server 12 SP3
3.6.8-6.14.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.13.1-1jpp.2.el6_2
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.10.0-1jpp.2.el6
fixed
java-1.6.0-openjdk
RHEL 6
1:1.6.0.0-1.40.1.9.10.el6_1
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.0-1.40.1.9.10.el6_1
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.0-1.40.1.9.10.el6_1
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.0-1.40.1.9.10.el6_1
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.0-1.40.1.9.10.el6_1
fixed
java-1.6.0-sun
RHEL 6
1:1.6.0.29-1jpp.1.el6
fixed
java-1.6.0-sun-demo
RHEL 6
1:1.6.0.29-1jpp.1.el6
fixed
java-1.6.0-sun-devel
RHEL 6
1:1.6.0.29-1jpp.1.el6
fixed
java-1.6.0-sun-jdbc
RHEL 6
1:1.6.0.29-1jpp.1.el6
fixed
java-1.6.0-sun-plugin
RHEL 6
1:1.6.0.29-1jpp.1.el6
fixed
java-1.6.0-sun-src
RHEL 6
1:1.6.0.29-1jpp.1.el6
fixed
Common Weakness Enumeration
References
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
http://curl.haxx.se/docs/adv_20120124B.html
http://downloads.asterisk.org/pub/security/AST-2016-001.html
http://ekoparty.org/2011/juliano-rizzo.php
http://eprint.iacr.org/2004/111
http://eprint.iacr.org/2006/136
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://marc.info/?l=bugtraq&m=133728004526190&w=2
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
http://osvdb.org/74829
http://rhn.redhat.com/errata/RHSA-2012-0508.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/45791
http://secunia.com/advisories/47998
http://secunia.com/advisories/48256
http://secunia.com/advisories/48692
http://secunia.com/advisories/48915
http://secunia.com/advisories/48948
http://secunia.com/advisories/49198
http://secunia.com/advisories/55322
http://secunia.com/advisories/55350
http://secunia.com/advisories/55351
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5001
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT6150
http://technet.microsoft.com/security/advisory/2588513
http://vnhacker.blogspot.com/2011/09/beast.html
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
http://www.debian.org/security/2012/dsa-2398
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
http://www.ibm.com/developerworks/java/jdk/alerts/
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
http://www.insecure.cl/Beast-SSL.rar
http://www.kb.cert.org/vuls/id/864643
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
http://www.opera.com/docs/changelogs/mac/1151/
http://www.opera.com/docs/changelogs/mac/1160/
http://www.opera.com/docs/changelogs/unix/1151/
http://www.opera.com/docs/changelogs/unix/1160/
http://www.opera.com/docs/changelogs/windows/1151/
http://www.opera.com/docs/changelogs/windows/1160/
http://www.opera.com/support/kb/view/1004/
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://www.redhat.com/support/errata/RHSA-2012-0006.html
http://www.securityfocus.com/bid/49388
http://www.securityfocus.com/bid/49778
http://www.securitytracker.com/id/1029190
http://www.securitytracker.com/id?1025997
http://www.securitytracker.com/id?1026103
http://www.securitytracker.com/id?1026704
http://www.ubuntu.com/usn/USN-1263-1
http://www.us-cert.gov/cas/techalerts/TA12-010A.html
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
https://bugzilla.novell.com/show_bug.cgi?id=719047
https://bugzilla.redhat.com/show_bug.cgi?id=737506
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
https://hermes.opensuse.org/messages/13154861
https://hermes.opensuse.org/messages/13155432
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
http://curl.haxx.se/docs/adv_20120124B.html
http://downloads.asterisk.org/pub/security/AST-2016-001.html
http://ekoparty.org/2011/juliano-rizzo.php
http://eprint.iacr.org/2004/111
http://eprint.iacr.org/2006/136
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://marc.info/?l=bugtraq&m=132872385320240&w=2
http://marc.info/?l=bugtraq&m=133365109612558&w=2
http://marc.info/?l=bugtraq&m=133728004526190&w=2
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
http://osvdb.org/74829
http://rhn.redhat.com/errata/RHSA-2012-0508.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://secunia.com/advisories/45791
http://secunia.com/advisories/47998
http://secunia.com/advisories/48256
http://secunia.com/advisories/48692
http://secunia.com/advisories/48915
http://secunia.com/advisories/48948
http://secunia.com/advisories/49198
http://secunia.com/advisories/55322
http://secunia.com/advisories/55350
http://secunia.com/advisories/55351
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5001
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT6150
http://technet.microsoft.com/security/advisory/2588513
http://vnhacker.blogspot.com/2011/09/beast.html
http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
http://www.debian.org/security/2012/dsa-2398
http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
http://www.ibm.com/developerworks/java/jdk/alerts/
http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
http://www.insecure.cl/Beast-SSL.rar
http://www.kb.cert.org/vuls/id/864643
http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
http://www.opera.com/docs/changelogs/mac/1151/
http://www.opera.com/docs/changelogs/mac/1160/
http://www.opera.com/docs/changelogs/unix/1151/
http://www.opera.com/docs/changelogs/unix/1160/
http://www.opera.com/docs/changelogs/windows/1151/
http://www.opera.com/docs/changelogs/windows/1160/
http://www.opera.com/support/kb/view/1004/
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://www.redhat.com/support/errata/RHSA-2012-0006.html
http://www.securityfocus.com/bid/49388
http://www.securityfocus.com/bid/49778
http://www.securitytracker.com/id/1029190
http://www.securitytracker.com/id?1025997
http://www.securitytracker.com/id?1026103
http://www.securitytracker.com/id?1026704
http://www.ubuntu.com/usn/USN-1263-1
http://www.us-cert.gov/cas/techalerts/TA12-010A.html
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
https://bugzilla.novell.com/show_bug.cgi?id=719047
https://bugzilla.redhat.com/show_bug.cgi?id=737506
https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
https://hermes.opensuse.org/messages/13154861
https://hermes.opensuse.org/messages/13155432
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752