{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2009-2408","title":"Title"},{"category":"description","text":"Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2009-2408","url":"https://www.suse.com/security/cve/CVE-2009-2408"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 522602 for CVE-2009-2408","url":"https://bugzilla.suse.com/522602"},{"category":"external","summary":"SUSE Bug 527126 for CVE-2009-2408","url":"https://bugzilla.suse.com/527126"},{"category":"external","summary":"SUSE Bug 528298 for CVE-2009-2408","url":"https://bugzilla.suse.com/528298"},{"category":"external","summary":"SUSE Bug 528746 for CVE-2009-2408","url":"https://bugzilla.suse.com/528746"},{"category":"external","summary":"SUSE Bug 534782 for CVE-2009-2408","url":"https://bugzilla.suse.com/534782"},{"category":"external","summary":"SUSE Bug 535554 for CVE-2009-2408","url":"https://bugzilla.suse.com/535554"},{"category":"external","summary":"SUSE Bug 537141 for CVE-2009-2408","url":"https://bugzilla.suse.com/537141"},{"category":"external","summary":"SUSE Bug 537143 for CVE-2009-2408","url":"https://bugzilla.suse.com/537143"},{"category":"external","summary":"SUSE Bug 544910 for CVE-2009-2408","url":"https://bugzilla.suse.com/544910"},{"category":"external","summary":"SUSE Bug 557181 for CVE-2009-2408","url":"https://bugzilla.suse.com/557181"},{"category":"external","summary":"SUSE Bug 585393 for CVE-2009-2408","url":"https://bugzilla.suse.com/585393"},{"category":"external","summary":"SUSE Bug 609451 for CVE-2009-2408","url":"https://bugzilla.suse.com/609451"},{"category":"external","summary":"SUSE Bug 626159 for CVE-2009-2408","url":"https://bugzilla.suse.com/626159"},{"category":"external","summary":"SUSE Bug 837746 for CVE-2009-2408","url":"https://bugzilla.suse.com/837746"},{"category":"external","summary":"SUSE Bug 890510 for CVE-2009-2408","url":"https://bugzilla.suse.com/890510"},{"category":"external","summary":"Advisory link for SUSE-SA:2009:048","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/475UKY5X2WLJMXQ4S5LC62MFIPPFCHUH/#475UKY5X2WLJMXQ4S5LC62MFIPPFCHUH"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:016","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ONCZEJ2OSRDB5UJWYUEBLKJ7IUHPOR62/#ONCZEJ2OSRDB5UJWYUEBLKJ7IUHPOR62"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:018","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VMEAISLN34UWMY72L5AVPLMJAVE4JTFW/#VMEAISLN34UWMY72L5AVPLMJAVE4JTFW"},{"category":"external","summary":"Advisory link for TID7021279","url":"https://www.suse.com/support/kb/doc/?id=7021279"},{"category":"external","summary":"Advisory link for TID7021518","url":"https://www.suse.com/support/kb/doc/?id=7021518"},{"category":"external","summary":"Advisory link for TID7021676","url":"https://www.suse.com/support/kb/doc/?id=7021676"},{"category":"external","summary":"Advisory link for TID7021848","url":"https://www.suse.com/support/kb/doc/?id=7021848"},{"category":"external","summary":"Advisory link for TID7022090","url":"https://www.suse.com/support/kb/doc/?id=7022090"},{"category":"external","summary":"Advisory link for TID7022102","url":"https://www.suse.com/support/kb/doc/?id=7022102"}],"title":"SUSE CVE CVE-2009-2408","tracking":{"current_release_date":"2025-10-08T01:37:47Z","generator":{"date":"2023-02-15T06:03:25Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2009-2408","initial_release_date":"2023-02-15T06:03:25Z","revision_history":[{"date":"2023-02-15T06:03:25Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:13:28Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:36:19Z","number":"4","summary":"Current version"},{"date":"2024-02-15T05:59:59Z","number":"5","summary":"Current version"},{"date":"2024-10-19T13:00:06Z","number":"6","summary":"Current version"},{"date":"2025-03-14T08:16:08Z","number":"7","summary":"Current version"},{"date":"2025-03-16T14:50:21Z","number":"8","summary":"Current version"},{"date":"2025-04-25T14:19:39Z","number":"9","summary":"Current version"},{"date":"2025-10-08T01:37:47Z","number":"10","summary":"Current version"}],"status":"interim","version":"10"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Desktop 11","product":{"name":"SUSE Linux Enterprise Desktop 11","product_id":"SUSE Linux Enterprise Desktop 11","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sled:11"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11","product":{"name":"SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles:11"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 11","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:11"}}},{"category":"product_name","name":"SUSE Linux Enterprise Software Development Kit 11","product":{"name":"SUSE Linux Enterprise Software Development Kit 11","product_id":"SUSE Linux Enterprise Software Development Kit 11","product_identification_helper":{"cpe":"cpe:/a:suse:sle-sdk:11"}}},{"category":"product_version","name":"libfreebl3-3.12.3.1-1.1.1","product":{"name":"libfreebl3-3.12.3.1-1.1.1","product_id":"libfreebl3-3.12.3.1-1.1.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.3.1:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libfreebl3@3.12.3.1-1.1.1?upstream=mozilla-nss-3.12.3.1-1.1.1.src.rpm"}}},{"category":"product_version","name":"libfreebl3-32bit-3.12.3.1-1.1.1","product":{"name":"libfreebl3-32bit-3.12.3.1-1.1.1","product_id":"libfreebl3-32bit-3.12.3.1-1.1.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.3.1:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libfreebl3-32bit@3.12.3.1-1.1.1?upstream=mozilla-nss-3.12.3.1-1.1.1.src.rpm"}}},{"category":"product_version","name":"libfreebl3-x86-3.12.8-1.2.1","product":{"name":"libfreebl3-x86-3.12.8-1.2.1","product_id":"libfreebl3-x86-3.12.8-1.2.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.8:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libfreebl3-x86@3.12.8-1.2.1?upstream=mozilla-nss-3.12.8-1.2.1.src.rpm"}}},{"category":"product_version","name":"libldap-2_4-2","product":{"name":"libldap-2_4-2","product_id":"libldap-2_4-2","product_identification_helper":{"purl":"pkg:rpm/suse/libldap@2_4-2"}}},{"category":"product_version","name":"libldap-2_4-2-2.4.12-7.18.1","product":{"name":"libldap-2_4-2-2.4.12-7.18.1","product_id":"libldap-2_4-2-2.4.12-7.18.1","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libldap-2_4-2@2.4.12-7.18.1?upstream=openldap2-client-2.4.12-7.18.1.src.rpm"}}},{"category":"product_version","name":"libldap-2_4-2-32bit-2.4.12-7.18.1","product":{"name":"libldap-2_4-2-32bit-2.4.12-7.18.1","product_id":"libldap-2_4-2-32bit-2.4.12-7.18.1","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libldap-2_4-2-32bit@2.4.12-7.18.1?upstream=openldap2-2.4.12-7.18.1.src.rpm"}}},{"category":"product_version","name":"libldap-2_4-2-x86-2.4.12-7.19.1","product":{"name":"libldap-2_4-2-x86-2.4.12-7.19.1","product_id":"libldap-2_4-2-x86-2.4.12-7.19.1","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libldap-2_4-2-x86@2.4.12-7.19.1?upstream=openldap2-client-2.4.12-7.19.1.src.rpm"}}},{"category":"product_version","name":"libneon27-0.28.3-2.12.1","product":{"name":"libneon27-0.28.3-2.12.1","product_id":"libneon27-0.28.3-2.12.1","product_identification_helper":{"cpe":"cpe:2.3:a:webdav:neon:0.28.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libneon27@0.28.3-2.12.1?upstream=neon-0.28.3-2.12.1.src.rpm"}}},{"category":"product_version","name":"libneon27-32bit-0.28.3-2.12.1","product":{"name":"libneon27-32bit-0.28.3-2.12.1","product_id":"libneon27-32bit-0.28.3-2.12.1","product_identification_helper":{"cpe":"cpe:2.3:a:webdav:neon:0.28.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libneon27-32bit@0.28.3-2.12.1?upstream=neon-0.28.3-2.12.1.src.rpm"}}},{"category":"product_version","name":"libneon27-x86-0.28.3-2.12.1","product":{"name":"libneon27-x86-0.28.3-2.12.1","product_id":"libneon27-x86-0.28.3-2.12.1","product_identification_helper":{"cpe":"cpe:2.3:a:webdav:neon:0.28.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libneon27-x86@0.28.3-2.12.1?upstream=neon-0.28.3-2.12.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nspr-32bit-4.8.6-1.2.1","product":{"name":"mozilla-nspr-32bit-4.8.6-1.2.1","product_id":"mozilla-nspr-32bit-4.8.6-1.2.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.6:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nspr-32bit@4.8.6-1.2.1?upstream=mozilla-nspr-4.8.6-1.2.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nspr-4.8.6-1.2.1","product":{"name":"mozilla-nspr-4.8.6-1.2.1","product_id":"mozilla-nspr-4.8.6-1.2.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.6:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nspr@4.8.6-1.2.1?upstream=mozilla-nspr-4.8.6-1.2.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nspr-x86-4.8.6-1.2.1","product":{"name":"mozilla-nspr-x86-4.8.6-1.2.1","product_id":"mozilla-nspr-x86-4.8.6-1.2.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:netscape_portable_runtime:4.8.6:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nspr-x86@4.8.6-1.2.1?upstream=mozilla-nspr-4.8.6-1.2.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nss-3.12.3.1-1.1.1","product":{"name":"mozilla-nss-3.12.3.1-1.1.1","product_id":"mozilla-nss-3.12.3.1-1.1.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.3.1:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nss@3.12.3.1-1.1.1?upstream=mozilla-nss-3.12.3.1-1.1.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nss-32bit-3.12.3.1-1.1.1","product":{"name":"mozilla-nss-32bit-3.12.3.1-1.1.1","product_id":"mozilla-nss-32bit-3.12.3.1-1.1.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.3.1:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nss-32bit@3.12.3.1-1.1.1?upstream=mozilla-nss-3.12.3.1-1.1.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nss-tools-3.12.3.1-1.1.1","product":{"name":"mozilla-nss-tools-3.12.3.1-1.1.1","product_id":"mozilla-nss-tools-3.12.3.1-1.1.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.3.1:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nss-tools@3.12.3.1-1.1.1?upstream=mozilla-nss-3.12.3.1-1.1.1.src.rpm"}}},{"category":"product_version","name":"mozilla-nss-x86-3.12.8-1.2.1","product":{"name":"mozilla-nss-x86-3.12.8-1.2.1","product_id":"mozilla-nss-x86-3.12.8-1.2.1","product_identification_helper":{"cpe":"cpe:2.3:a:mozilla:nss:3.12.8:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mozilla-nss-x86@3.12.8-1.2.1?upstream=mozilla-nss-3.12.8-1.2.1.src.rpm"}}},{"category":"product_version","name":"mutt-1.5.17-42.32.2","product":{"name":"mutt-1.5.17-42.32.2","product_id":"mutt-1.5.17-42.32.2","product_identification_helper":{"cpe":"cpe:2.3:a:mutt:mutt:1.5.17:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/mutt@1.5.17-42.32.2?upstream=mutt-1.5.17-42.32.2.src.rpm"}}},{"category":"product_version","name":"neon-0.28.3-2.12.1","product":{"name":"neon-0.28.3-2.12.1","product_id":"neon-0.28.3-2.12.1","product_identification_helper":{"cpe":"cpe:2.3:a:webdav:neon:0.28.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/neon@0.28.3-2.12.1?upstream=neon-0.28.3-2.12.1.src.rpm"}}},{"category":"product_version","name":"openldap2-2.4.12-7.18.1","product":{"name":"openldap2-2.4.12-7.18.1","product_id":"openldap2-2.4.12-7.18.1","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/openldap2@2.4.12-7.18.1?upstream=openldap2-2.4.12-7.18.1.src.rpm"}}},{"category":"product_version","name":"openldap2-back-meta-2.4.12-7.18.1","product":{"name":"openldap2-back-meta-2.4.12-7.18.1","product_id":"openldap2-back-meta-2.4.12-7.18.1","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/openldap2-back-meta@2.4.12-7.18.1?upstream=openldap2-2.4.12-7.18.1.src.rpm"}}},{"category":"product_version","name":"openldap2-client","product":{"name":"openldap2-client","product_id":"openldap2-client","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/openldap2-client@?upstream=openldap2-client.src.rpm"}}},{"category":"product_version","name":"openldap2-client-2.4.12-7.18.1","product":{"name":"openldap2-client-2.4.12-7.18.1","product_id":"openldap2-client-2.4.12-7.18.1","product_identification_helper":{"cpe":"cpe:2.3:a:openldap:openldap:2.4.12:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/openldap2-client@2.4.12-7.18.1?upstream=openldap2-client-2.4.12-7.18.1.src.rpm"}}},{"category":"product_version","name":"zlib-1.2.3-106.34","product":{"name":"zlib-1.2.3-106.34","product_id":"zlib-1.2.3-106.34","product_identification_helper":{"cpe":"cpe:2.3:a:zlib:zlib:1.2.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/zlib@1.2.3-106.34?upstream=zlib-1.2.3-106.34.src.rpm"}}},{"category":"product_version","name":"zlib-32bit-1.2.3-106.34","product":{"name":"zlib-32bit-1.2.3-106.34","product_id":"zlib-32bit-1.2.3-106.34","product_identification_helper":{"cpe":"cpe:2.3:a:zlib:zlib:1.2.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/zlib-32bit@1.2.3-106.34?upstream=zlib-1.2.3-106.34.src.rpm"}}},{"category":"product_version","name":"zlib-x86-1.2.3-106.34","product":{"name":"zlib-x86-1.2.3-106.34","product_id":"zlib-x86-1.2.3-106.34","product_identification_helper":{"cpe":"cpe:2.3:a:zlib:zlib:1.2.3:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/zlib-x86@1.2.3-106.34?upstream=zlib-1.2.3-106.34.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libfreebl3-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libfreebl3-3.12.3.1-1.1.1"},"product_reference":"libfreebl3-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libfreebl3-32bit-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libfreebl3-32bit-3.12.3.1-1.1.1"},"product_reference":"libfreebl3-32bit-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libfreebl3-x86-3.12.8-1.2.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libfreebl3-x86-3.12.8-1.2.1"},"product_reference":"libfreebl3-x86-3.12.8-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libldap-2_4-2-2.4.12-7.18.1"},"product_reference":"libldap-2_4-2-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2-32bit-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libldap-2_4-2-32bit-2.4.12-7.18.1"},"product_reference":"libldap-2_4-2-32bit-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2-x86-2.4.12-7.19.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libldap-2_4-2-x86-2.4.12-7.19.1"},"product_reference":"libldap-2_4-2-x86-2.4.12-7.19.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libneon27-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libneon27-0.28.3-2.12.1"},"product_reference":"libneon27-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libneon27-32bit-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libneon27-32bit-0.28.3-2.12.1"},"product_reference":"libneon27-32bit-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libneon27-x86-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libneon27-x86-0.28.3-2.12.1"},"product_reference":"libneon27-x86-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nspr-4.8.6-1.2.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nspr-4.8.6-1.2.1"},"product_reference":"mozilla-nspr-4.8.6-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nspr-32bit-4.8.6-1.2.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nspr-32bit-4.8.6-1.2.1"},"product_reference":"mozilla-nspr-32bit-4.8.6-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nspr-x86-4.8.6-1.2.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nspr-x86-4.8.6-1.2.1"},"product_reference":"mozilla-nspr-x86-4.8.6-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nss-3.12.3.1-1.1.1"},"product_reference":"mozilla-nss-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-32bit-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nss-32bit-3.12.3.1-1.1.1"},"product_reference":"mozilla-nss-32bit-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-tools-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nss-tools-3.12.3.1-1.1.1"},"product_reference":"mozilla-nss-tools-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-x86-3.12.8-1.2.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mozilla-nss-x86-3.12.8-1.2.1"},"product_reference":"mozilla-nss-x86-3.12.8-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"mutt-1.5.17-42.32.2 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:mutt-1.5.17-42.32.2"},"product_reference":"mutt-1.5.17-42.32.2","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"neon-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:neon-0.28.3-2.12.1"},"product_reference":"neon-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:openldap2-2.4.12-7.18.1"},"product_reference":"openldap2-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-back-meta-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:openldap2-back-meta-2.4.12-7.18.1"},"product_reference":"openldap2-back-meta-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-client-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:openldap2-client-2.4.12-7.18.1"},"product_reference":"openldap2-client-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"zlib-1.2.3-106.34 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:zlib-1.2.3-106.34"},"product_reference":"zlib-1.2.3-106.34","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"zlib-32bit-1.2.3-106.34 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:zlib-32bit-1.2.3-106.34"},"product_reference":"zlib-32bit-1.2.3-106.34","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"zlib-x86-1.2.3-106.34 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:zlib-x86-1.2.3-106.34"},"product_reference":"zlib-x86-1.2.3-106.34","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"libfreebl3-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-3.12.3.1-1.1.1"},"product_reference":"libfreebl3-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libfreebl3-32bit-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-32bit-3.12.3.1-1.1.1"},"product_reference":"libfreebl3-32bit-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libfreebl3-x86-3.12.8-1.2.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-x86-3.12.8-1.2.1"},"product_reference":"libfreebl3-x86-3.12.8-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-2.4.12-7.18.1"},"product_reference":"libldap-2_4-2-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2-32bit-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-32bit-2.4.12-7.18.1"},"product_reference":"libldap-2_4-2-32bit-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2-x86-2.4.12-7.19.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-x86-2.4.12-7.19.1"},"product_reference":"libldap-2_4-2-x86-2.4.12-7.19.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libneon27-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libneon27-0.28.3-2.12.1"},"product_reference":"libneon27-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libneon27-32bit-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libneon27-32bit-0.28.3-2.12.1"},"product_reference":"libneon27-32bit-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"libneon27-x86-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:libneon27-x86-0.28.3-2.12.1"},"product_reference":"libneon27-x86-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nspr-4.8.6-1.2.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-4.8.6-1.2.1"},"product_reference":"mozilla-nspr-4.8.6-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nspr-32bit-4.8.6-1.2.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-32bit-4.8.6-1.2.1"},"product_reference":"mozilla-nspr-32bit-4.8.6-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nspr-x86-4.8.6-1.2.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-x86-4.8.6-1.2.1"},"product_reference":"mozilla-nspr-x86-4.8.6-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-3.12.3.1-1.1.1"},"product_reference":"mozilla-nss-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-32bit-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-32bit-3.12.3.1-1.1.1"},"product_reference":"mozilla-nss-32bit-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-tools-3.12.3.1-1.1.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-tools-3.12.3.1-1.1.1"},"product_reference":"mozilla-nss-tools-3.12.3.1-1.1.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mozilla-nss-x86-3.12.8-1.2.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-x86-3.12.8-1.2.1"},"product_reference":"mozilla-nss-x86-3.12.8-1.2.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"mutt-1.5.17-42.32.2 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:mutt-1.5.17-42.32.2"},"product_reference":"mutt-1.5.17-42.32.2","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"neon-0.28.3-2.12.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:neon-0.28.3-2.12.1"},"product_reference":"neon-0.28.3-2.12.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:openldap2-2.4.12-7.18.1"},"product_reference":"openldap2-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-back-meta-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:openldap2-back-meta-2.4.12-7.18.1"},"product_reference":"openldap2-back-meta-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-client-2.4.12-7.18.1 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client-2.4.12-7.18.1"},"product_reference":"openldap2-client-2.4.12-7.18.1","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"zlib-1.2.3-106.34 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:zlib-1.2.3-106.34"},"product_reference":"zlib-1.2.3-106.34","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"zlib-32bit-1.2.3-106.34 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:zlib-32bit-1.2.3-106.34"},"product_reference":"zlib-32bit-1.2.3-106.34","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"zlib-x86-1.2.3-106.34 as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:zlib-x86-1.2.3-106.34"},"product_reference":"zlib-x86-1.2.3-106.34","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-client as component of SUSE Linux Enterprise Desktop 11","product_id":"SUSE Linux Enterprise Desktop 11:openldap2-client"},"product_reference":"openldap2-client","relates_to_product_reference":"SUSE Linux Enterprise Desktop 11"},{"category":"default_component_of","full_product_name":{"name":"libldap-2_4-2 as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:libldap-2_4-2"},"product_reference":"libldap-2_4-2","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-client as component of SUSE Linux Enterprise Server 11","product_id":"SUSE Linux Enterprise Server 11:openldap2-client"},"product_reference":"openldap2-client","relates_to_product_reference":"SUSE Linux Enterprise Server 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-client as component of SUSE Linux Enterprise Server for SAP Applications 11","product_id":"SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client"},"product_reference":"openldap2-client","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 11"},{"category":"default_component_of","full_product_name":{"name":"openldap2-client as component of SUSE Linux Enterprise Software Development Kit 11","product_id":"SUSE Linux Enterprise Software Development Kit 11:openldap2-client"},"product_reference":"openldap2-client","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 11"}]},"vulnerabilities":[{"cve":"CVE-2009-2408","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2009-2408"}],"notes":[{"category":"general","text":"Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise Desktop 11:openldap2-client","SUSE Linux Enterprise Server 11:libldap-2_4-2","SUSE Linux Enterprise Server 11:openldap2-client","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client","SUSE Linux Enterprise Software Development Kit 11:openldap2-client"],"recommended":["SUSE Linux Enterprise Server 11:libfreebl3-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:libfreebl3-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:libfreebl3-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-32bit-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-x86-2.4.12-7.19.1","SUSE Linux Enterprise Server 11:libneon27-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:libneon27-32bit-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:libneon27-x86-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:mozilla-nspr-32bit-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nspr-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nspr-x86-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nss-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-tools-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server 11:mutt-1.5.17-42.32.2","SUSE Linux Enterprise Server 11:neon-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:openldap2-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:openldap2-back-meta-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:openldap2-client-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:zlib-1.2.3-106.34","SUSE Linux Enterprise Server 11:zlib-32bit-1.2.3-106.34","SUSE Linux Enterprise Server 11:zlib-x86-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-32bit-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-x86-2.4.12-7.19.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-32bit-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-x86-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-32bit-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-x86-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-tools-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mutt-1.5.17-42.32.2","SUSE Linux Enterprise Server for SAP Applications 11:neon-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-back-meta-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:zlib-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:zlib-32bit-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:zlib-x86-1.2.3-106.34"]},"references":[{"category":"external","summary":"CVE-2009-2408","url":"https://www.suse.com/security/cve/CVE-2009-2408"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 522602 for CVE-2009-2408","url":"https://bugzilla.suse.com/522602"},{"category":"external","summary":"SUSE Bug 527126 for CVE-2009-2408","url":"https://bugzilla.suse.com/527126"},{"category":"external","summary":"SUSE Bug 528298 for CVE-2009-2408","url":"https://bugzilla.suse.com/528298"},{"category":"external","summary":"SUSE Bug 528746 for CVE-2009-2408","url":"https://bugzilla.suse.com/528746"},{"category":"external","summary":"SUSE Bug 534782 for CVE-2009-2408","url":"https://bugzilla.suse.com/534782"},{"category":"external","summary":"SUSE Bug 535554 for CVE-2009-2408","url":"https://bugzilla.suse.com/535554"},{"category":"external","summary":"SUSE Bug 537141 for CVE-2009-2408","url":"https://bugzilla.suse.com/537141"},{"category":"external","summary":"SUSE Bug 537143 for CVE-2009-2408","url":"https://bugzilla.suse.com/537143"},{"category":"external","summary":"SUSE Bug 544910 for CVE-2009-2408","url":"https://bugzilla.suse.com/544910"},{"category":"external","summary":"SUSE Bug 557181 for CVE-2009-2408","url":"https://bugzilla.suse.com/557181"},{"category":"external","summary":"SUSE Bug 585393 for CVE-2009-2408","url":"https://bugzilla.suse.com/585393"},{"category":"external","summary":"SUSE Bug 609451 for CVE-2009-2408","url":"https://bugzilla.suse.com/609451"},{"category":"external","summary":"SUSE Bug 626159 for CVE-2009-2408","url":"https://bugzilla.suse.com/626159"},{"category":"external","summary":"SUSE Bug 837746 for CVE-2009-2408","url":"https://bugzilla.suse.com/837746"},{"category":"external","summary":"SUSE Bug 890510 for CVE-2009-2408","url":"https://bugzilla.suse.com/890510"},{"category":"external","summary":"Advisory link for SUSE-SA:2009:048","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/475UKY5X2WLJMXQ4S5LC62MFIPPFCHUH/#475UKY5X2WLJMXQ4S5LC62MFIPPFCHUH"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:016","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ONCZEJ2OSRDB5UJWYUEBLKJ7IUHPOR62/#ONCZEJ2OSRDB5UJWYUEBLKJ7IUHPOR62"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:018","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VMEAISLN34UWMY72L5AVPLMJAVE4JTFW/#VMEAISLN34UWMY72L5AVPLMJAVE4JTFW"},{"category":"external","summary":"Advisory link for TID7021279","url":"https://www.suse.com/support/kb/doc/?id=7021279"},{"category":"external","summary":"Advisory link for TID7021518","url":"https://www.suse.com/support/kb/doc/?id=7021518"},{"category":"external","summary":"Advisory link for TID7021676","url":"https://www.suse.com/support/kb/doc/?id=7021676"},{"category":"external","summary":"Advisory link for TID7021848","url":"https://www.suse.com/support/kb/doc/?id=7021848"},{"category":"external","summary":"Advisory link for TID7022090","url":"https://www.suse.com/support/kb/doc/?id=7022090"},{"category":"external","summary":"Advisory link for TID7022102","url":"https://www.suse.com/support/kb/doc/?id=7022102"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 11:libfreebl3-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:libfreebl3-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:libfreebl3-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-32bit-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-x86-2.4.12-7.19.1","SUSE Linux Enterprise Server 11:libneon27-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:libneon27-32bit-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:libneon27-x86-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:mozilla-nspr-32bit-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nspr-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nspr-x86-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nss-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-tools-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server 11:mutt-1.5.17-42.32.2","SUSE Linux Enterprise Server 11:neon-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:openldap2-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:openldap2-back-meta-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:openldap2-client-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:zlib-1.2.3-106.34","SUSE Linux Enterprise Server 11:zlib-32bit-1.2.3-106.34","SUSE Linux Enterprise Server 11:zlib-x86-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-32bit-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-x86-2.4.12-7.19.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-32bit-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-x86-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-32bit-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-x86-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-tools-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mutt-1.5.17-42.32.2","SUSE Linux Enterprise Server for SAP Applications 11:neon-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-back-meta-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:zlib-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:zlib-32bit-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:zlib-x86-1.2.3-106.34"]}],"scores":[{"cvss_v3":{"baseScore":5.9,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Linux Enterprise Server 11:libfreebl3-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:libfreebl3-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:libfreebl3-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-32bit-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:libldap-2_4-2-x86-2.4.12-7.19.1","SUSE Linux Enterprise Server 11:libneon27-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:libneon27-32bit-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:libneon27-x86-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:mozilla-nspr-32bit-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nspr-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nspr-x86-4.8.6-1.2.1","SUSE Linux Enterprise Server 11:mozilla-nss-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-tools-3.12.3.1-1.1.1","SUSE Linux Enterprise Server 11:mozilla-nss-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server 11:mutt-1.5.17-42.32.2","SUSE Linux Enterprise Server 11:neon-0.28.3-2.12.1","SUSE Linux Enterprise Server 11:openldap2-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:openldap2-back-meta-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:openldap2-client-2.4.12-7.18.1","SUSE Linux Enterprise Server 11:zlib-1.2.3-106.34","SUSE Linux Enterprise Server 11:zlib-32bit-1.2.3-106.34","SUSE Linux Enterprise Server 11:zlib-x86-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:libfreebl3-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-32bit-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:libldap-2_4-2-x86-2.4.12-7.19.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-32bit-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:libneon27-x86-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-32bit-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nspr-x86-4.8.6-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-32bit-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-tools-3.12.3.1-1.1.1","SUSE Linux Enterprise Server for SAP Applications 11:mozilla-nss-x86-3.12.8-1.2.1","SUSE Linux Enterprise Server for SAP Applications 11:mutt-1.5.17-42.32.2","SUSE Linux Enterprise Server for SAP Applications 11:neon-0.28.3-2.12.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-back-meta-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:openldap2-client-2.4.12-7.18.1","SUSE Linux Enterprise Server for SAP Applications 11:zlib-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:zlib-32bit-1.2.3-106.34","SUSE Linux Enterprise Server for SAP Applications 11:zlib-x86-1.2.3-106.34"]}],"threats":[{"category":"impact","date":"2013-06-28T04:57:37Z","details":"moderate"}],"title":"CVE-2009-2408"}]}