rhsa-2009_1190
Vulnerability from csaf_redhat
Published
2009-07-31 14:26
Modified
2024-11-22 03:00
Summary
Red Hat Security Advisory: nspr and nss security and bug fix update

Notes

Topic
Updated nspr and nss packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team.
Details
Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing, calendar time, basic memory management (malloc and free), and shared library linking. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards. These updated packages upgrade NSS from the previous version, 3.12.2, to a prerelease of version 3.12.4. The version of NSPR has also been upgraded from 4.7.3 to 4.7.4. Moxie Marlinspike reported a heap overflow flaw in a regular expression parser in the NSS library used by browsers such as Mozilla Firefox to match common names in certificates. A malicious website could present a carefully-crafted certificate in such a way as to trigger the heap overflow, leading to a crash or, possibly, arbitrary code execution with the permissions of the user running the browser. (CVE-2009-2404) Note: in order to exploit this issue without further user interaction in Firefox, the carefully-crafted certificate would need to be signed by a Certificate Authority trusted by Firefox, otherwise Firefox presents the victim with a warning that the certificate is untrusted. Only if the user then accepts the certificate will the overflow take place. Dan Kaminsky discovered flaws in the way browsers such as Firefox handle NULL characters in a certificate. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by Firefox, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Firefox into accepting it by mistake. (CVE-2009-2408) Dan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. NSS now disables the use of MD2 and MD4 algorithms inside signatures by default. (CVE-2009-2409) These version upgrades also provide fixes for the following bugs: * SSL client authentication failed against an Apache server when it was using the mod_nss module and configured for NSSOCSP. On the client side, the user agent received an error message that referenced "Error Code: -12271" and stated that establishing an encrypted connection had failed because the certificate had been rejected by the host. On the server side, the nss_error_log under /var/log/httpd/ contained the following message: [error] Re-negotiation handshake failed: Not accepted by client!? Also, /var/log/httpd/error_log contained this error: SSL Library Error: -8071 The OCSP server experienced an internal error With these updated packages, the dependency problem which caused this failure has been resolved so that SSL client authentication with an Apache web server using mod_nss which is configured for NSSOCSP succeeds as expected. Note that if the presented client certificate is expired, then access is denied, the user agent is presented with an error message about the invalid certificate, and the OCSP queries are seen in the OCSP responder. Also, similar OCSP status verification happens for SSL server certificates used in Apache upon instance start or restart. (BZ#508026) * NSS uses a software integrity test to detect code corruption. RPM transactions and system link optimization daemons (such as prelink) can change the contents of libraries, causing the software integrity test to fail. In combination with the updated prelink package (RHBA-2009:1041), these updated packages can now prevent software integrity test failures. (BZ#495938) All users of nspr and nss are advised to upgrade to these updated packages, which resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated nspr and nss packages that fix security issues and bugs are now\navailable for Red Hat Enterprise Linux 4.7 Extended Update Support.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Netscape Portable Runtime (NSPR) provides platform independence for non-GUI\noperating system facilities. These facilities include threads, thread\nsynchronization, normal file and network I/O, interval timing, calendar\ntime, basic memory management (malloc and free), and shared library linking.\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Applications built with NSS can support SSLv2, SSLv3, TLS,\nand other security standards.\n\nThese updated packages upgrade NSS from the previous version, 3.12.2, to a\nprerelease of version 3.12.4. The version of NSPR has also been upgraded\nfrom 4.7.3 to 4.7.4.\n\nMoxie Marlinspike reported a heap overflow flaw in a regular expression\nparser in the NSS library used by browsers such as Mozilla Firefox to match\ncommon names in certificates. A malicious website could present a\ncarefully-crafted certificate in such a way as to trigger the heap\noverflow, leading to a crash or, possibly, arbitrary code execution with\nthe permissions of the user running the browser. (CVE-2009-2404)\n\nNote: in order to exploit this issue without further user interaction in\nFirefox, the carefully-crafted certificate would need to be signed by a\nCertificate Authority trusted by Firefox, otherwise Firefox presents the\nvictim with a warning that the certificate is untrusted. Only if the user\nthen accepts the certificate will the overflow take place.\n\nDan Kaminsky discovered flaws in the way browsers such as Firefox handle\nNULL characters in a certificate. If an attacker is able to get a\ncarefully-crafted certificate signed by a Certificate Authority trusted by\nFirefox, the attacker could use the certificate during a man-in-the-middle\nattack and potentially confuse Firefox into accepting it by mistake.\n(CVE-2009-2408)\n\nDan Kaminsky found that browsers still accept certificates with MD2 hash\nsignatures, even though MD2 is no longer considered a cryptographically\nstrong algorithm. This could make it easier for an attacker to create a\nmalicious certificate that would be treated as trusted by a browser. NSS\nnow disables the use of MD2 and MD4 algorithms inside signatures by\ndefault. (CVE-2009-2409)\n\nThese version upgrades also provide fixes for the following bugs:\n\n* SSL client authentication failed against an Apache server when it was \nusing the mod_nss module and configured for NSSOCSP. On the client side,\nthe user agent received an error message that referenced \"Error Code:\n-12271\" and stated that establishing an encrypted connection had failed\nbecause the certificate had been rejected by the host.\n\nOn the server side, the nss_error_log under /var/log/httpd/ contained the\nfollowing message:\n\n[error] Re-negotiation handshake failed: Not accepted by client!?\n\nAlso, /var/log/httpd/error_log contained this error:\n\nSSL Library Error: -8071 The OCSP server experienced an internal error\n\nWith these updated packages, the dependency problem which caused this\nfailure has been resolved so that SSL client authentication with an\nApache web server using mod_nss which is configured for NSSOCSP succeeds\nas expected. Note that if the presented client certificate is expired,\nthen access is denied, the user agent is presented with an error message\nabout the invalid certificate, and the OCSP queries are seen in the OCSP\nresponder. Also, similar OCSP status verification happens for SSL server\ncertificates used in Apache upon instance start or restart. (BZ#508026)\n\n* NSS uses a software integrity test to detect code corruption. RPM\ntransactions and system link optimization daemons (such as prelink) can\nchange the contents of libraries, causing the software integrity test to\nfail. In combination with the updated prelink package (RHBA-2009:1041),\nthese updated packages can now prevent software integrity test failures.\n(BZ#495938)\n\nAll users of nspr and nss are advised to upgrade to these updated packages,\nwhich resolve these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:1190",
        "url": "https://access.redhat.com/errata/RHSA-2009:1190"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#critical",
        "url": "http://www.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "495938",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495938"
      },
      {
        "category": "external",
        "summary": "508026",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=508026"
      },
      {
        "category": "external",
        "summary": "510197",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510197"
      },
      {
        "category": "external",
        "summary": "510251",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251"
      },
      {
        "category": "external",
        "summary": "512912",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512912"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1190.json"
      }
    ],
    "title": "Red Hat Security Advisory: nspr and nss security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T03:00:38+00:00",
      "generator": {
        "date": "2024-11-22T03:00:38+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2009:1190",
      "initial_release_date": "2009-07-31T14:26:00+00:00",
      "revision_history": [
        {
          "date": "2009-07-31T14:26:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-07-31T10:31:31+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T03:00:38+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS EUS (v. 4.7)",
                "product": {
                  "name": "Red Hat Enterprise Linux AS EUS (v. 4.7)",
                  "product_id": "4AS-4.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:4.7::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES EUS (v. 4.7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ES EUS (v. 4.7)",
                  "product_id": "4ES-4.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_eus:4.7::es"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-devel-0:4.7.4-1.el4_7.1.ia64",
                "product": {
                  "name": "nspr-devel-0:4.7.4-1.el4_7.1.ia64",
                  "product_id": "nspr-devel-0:4.7.4-1.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-devel@4.7.4-1.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.ia64",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.ia64",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.ia64",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.ia64",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
                "product": {
                  "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
                  "product_id": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-devel@3.12.3.99.3-1.el4_7.6?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.i386",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.i386",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-devel-0:4.7.4-1.el4_7.1.i386",
                "product": {
                  "name": "nspr-devel-0:4.7.4-1.el4_7.1.i386",
                  "product_id": "nspr-devel-0:4.7.4-1.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-devel@4.7.4-1.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.i386",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.i386",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
                "product": {
                  "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
                  "product_id": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-devel@3.12.3.99.3-1.el4_7.6?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
                "product": {
                  "name": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
                  "product_id": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-devel@4.7.4-1.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.x86_64",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.x86_64",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
                "product": {
                  "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
                  "product_id": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-devel@3.12.3.99.3-1.el4_7.6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.src",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.src",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.src",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.src",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-devel-0:4.7.4-1.el4_7.1.ppc",
                "product": {
                  "name": "nspr-devel-0:4.7.4-1.el4_7.1.ppc",
                  "product_id": "nspr-devel-0:4.7.4-1.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-devel@4.7.4-1.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.ppc",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.ppc",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
                "product": {
                  "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
                  "product_id": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-devel@3.12.3.99.3-1.el4_7.6?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.ppc64",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.ppc64",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390x",
                "product": {
                  "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390x",
                  "product_id": "nspr-devel-0:4.7.4-1.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-devel@4.7.4-1.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.s390x",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.s390x",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390x",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390x",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
                "product": {
                  "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
                  "product_id": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-devel@3.12.3.99.3-1.el4_7.6?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
                "product": {
                  "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
                  "product_id": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-debuginfo@4.7.4-1.el4_7.1?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-0:4.7.4-1.el4_7.1.s390",
                "product": {
                  "name": "nspr-0:4.7.4-1.el4_7.1.s390",
                  "product_id": "nspr-0:4.7.4-1.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr@4.7.4-1.el4_7.1?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390",
                "product": {
                  "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390",
                  "product_id": "nspr-devel-0:4.7.4-1.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nspr-devel@4.7.4-1.el4_7.1?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390",
                "product": {
                  "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390",
                  "product_id": "nss-0:3.12.3.99.3-1.el4_7.6.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss@3.12.3.99.3-1.el4_7.6?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
                "product": {
                  "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
                  "product_id": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-debuginfo@3.12.3.99.3-1.el4_7.6?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
                "product": {
                  "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
                  "product_id": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/nss-devel@3.12.3.99.3-1.el4_7.6?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.i386",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.ia64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.ppc",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.ppc64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.ppc64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.s390",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.s390x",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.src as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.src",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.i386",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.ia64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.ppc",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.s390",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.s390x",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.i386 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.i386",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.ia64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.ia64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.ppc",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.s390",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390x as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.s390x",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.src as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.src",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64 as a component of Red Hat Enterprise Linux AS EUS (v. 4.7)",
          "product_id": "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
        "relates_to_product_reference": "4AS-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.i386",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.ia64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.ppc",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.ppc64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.ppc64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.s390",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.s390x",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.src as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.src",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-0:4.7.4-1.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64"
        },
        "product_reference": "nspr-0:4.7.4-1.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64"
        },
        "product_reference": "nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.i386",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.ia64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.ppc",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.s390",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.s390x",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64"
        },
        "product_reference": "nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.i386 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.i386",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.ia64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.ia64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.ppc",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.s390",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.s390x as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.s390x",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.src as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.src",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64"
        },
        "product_reference": "nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64"
        },
        "product_reference": "nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
        "relates_to_product_reference": "4ES-4.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64 as a component of Red Hat Enterprise Linux ES EUS (v. 4.7)",
          "product_id": "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
        },
        "product_reference": "nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
        "relates_to_product_reference": "4ES-4.7.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-2404",
      "discovery_date": "2009-07-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "512912"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nss regexp heap overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2404"
        },
        {
          "category": "external",
          "summary": "RHBZ#512912",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512912"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2404",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2404"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2404",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2404"
        }
      ],
      "release_date": "2009-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-31T14:26:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1190"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "nss regexp heap overflow"
    },
    {
      "cve": "CVE-2009-2408",
      "discovery_date": "2009-02-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "510251"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a \u0027\\0\u0027 character in a domain name in the subject\u0027s Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "firefox/nss: doesn\u0027t handle NULL in Common Name properly",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2408"
        },
        {
          "category": "external",
          "summary": "RHBZ#510251",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510251"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2408",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2408"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2408",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2408"
        }
      ],
      "release_date": "2009-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-31T14:26:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1190"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "firefox/nss: doesn\u0027t handle NULL in Common Name properly"
    },
    {
      "cve": "CVE-2009-2409",
      "discovery_date": "2009-02-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "510197"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time.  NOTE: the scope of this issue is currently limited because the amount of computation required is still large.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "deprecate MD2 in SSL cert validation (Kaminsky)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
          "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
          "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
          "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
          "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
          "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
          "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
          "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-2409"
        },
        {
          "category": "external",
          "summary": "RHBZ#510197",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510197"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2409",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-2409"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2409",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2409"
        }
      ],
      "release_date": "2009-07-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-31T14:26:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1190"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4AS-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4AS-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4AS-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4AS-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.src",
            "4ES-4.7.z:nspr-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.ppc64",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-debuginfo-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.i386",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ia64",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.ppc",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.s390x",
            "4ES-4.7.z:nspr-devel-0:4.7.4-1.el4_7.1.x86_64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.src",
            "4ES-4.7.z:nss-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.ppc64",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-debuginfo-0:3.12.3.99.3-1.el4_7.6.x86_64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.i386",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ia64",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.ppc",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.s390x",
            "4ES-4.7.z:nss-devel-0:3.12.3.99.3-1.el4_7.6.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "deprecate MD2 in SSL cert validation (Kaminsky)"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.