CVE-2013-2566
15.03.2013, 21:55
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.Enginsight
| Vendor | Product | Version |
|---|---|---|
| oracle | communications_application_session_controller | 3.0.0 ≤ 𝑥 ≤ 3.9.1 |
| oracle | http_server | 11.1.1.7.0 |
| oracle | http_server | 11.1.1.9.0 |
| oracle | http_server | 12.1.3.0.0 |
| oracle | http_server | 12.2.1.1.0 |
| oracle | http_server | 12.2.1.2.0 |
| oracle | integrated_lights_out_manager_firmware | 3.0.0 ≤ 𝑥 ≤ 3.2.11 |
| oracle | integrated_lights_out_manager_firmware | 4.0.0 ≤ 𝑥 ≤ 4.0.4 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 12.10 |
| canonical | ubuntu_linux | 13.04 |
| canonical | ubuntu_linux | 13.10 |
| mozilla | firefox | 𝑥 < 17.0.11 |
| mozilla | firefox | 𝑥 < 25.0.1 |
| mozilla | firefox | 24.1.0 ≤ 𝑥 < 24.1.1 |
| mozilla | seamonkey | 𝑥 < 2.22.1 |
| mozilla | thunderbird | 𝑥 < 24.1.1 |
| mozilla | thunderbird_esr | 𝑥 < 17.0.11 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||
| openssl |
| ||||||||||||||
| thunderbird |
|
Common Weakness Enumeration
References